Do not wipe all netd iptables rules in test mode

The NatController fail-safe which flushes the iptables when the ref
count reaches zero unintentionally wipes out all static rules setup
by init in bp-tools test mode.  Doing this flush is not necessary.

Change-Id: I37890e79cd701aa2e970958a246dfe7514a65c47
diff --git a/NatController.cpp b/NatController.cpp
index 28f1fe2..ddb0499 100644
--- a/NatController.cpp
+++ b/NatController.cpp
@@ -22,6 +22,7 @@
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <string.h>
+#include <cutils/properties.h>
 
 #define LOG_TAG "NatController"
 #include <cutils/log.h>
@@ -92,14 +93,18 @@
 int NatController::doNatCommands(const char *intIface, const char *extIface, bool add) {
     char cmd[255];
 
-    // handle decrement to 0 case (do reset to defaults) and erroneous dec below 0
-    if (add == false) {
-        if (natCount <= 1) {
-            int ret = setDefaults();
-            if (ret == 0) {
-                natCount=0;
+    char bootmode[PROPERTY_VALUE_MAX] = {0};
+    property_get("ro.bootmode", bootmode, "unknown");
+    if (0 != strcmp("bp-tools", bootmode)) {
+        // handle decrement to 0 case (do reset to defaults) and erroneous dec below 0
+        if (add == false) {
+            if (natCount <= 1) {
+                int ret = setDefaults();
+                if (ret == 0) {
+                    natCount=0;
+                }
+                return ret;
             }
-            return ret;
         }
     }
 
@@ -132,8 +137,10 @@
     if (add && natCount == 0) {
         snprintf(cmd, sizeof(cmd), "-t nat -A POSTROUTING -o %s -j MASQUERADE", extIface);
         if (runIptablesCmd(cmd)) {
-            // unwind what's been done, but don't care about success - what more could we do?
-            setDefaults();;
+            if (0 != strcmp("bp-tools", bootmode)) {
+                // unwind what's been done, but don't care about success - what more could we do?
+                setDefaults();;
+            }
             return -1;
         }
     }