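#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010 Michael Tremer & Christian Schmidt                       #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the                #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program. If not, see <http://www.gnu.org/licenses/>.        #
#                                                                             #
###############################################################################

# PPPoE zone hook: parses the hook's command line, validates the settings,
# writes a pppd options file and starts/stops pppd for a zone. The helpers
# used below (assert, isset, devicify, config_read, ppp_secret, run, ...) are
# not defined in this file; they are expected to come from the sourced header.
. /lib/network/header-zone

# TODO AC name, service name, sync?

# Names of the settings this hook reads and stores.
HOOK_SETTINGS="HOOK AUTH LINKNAME USER SECRET PEERDNS DEFAULTROUTE MTU"
HOOK_SETTINGS="${HOOK_SETTINGS} DEVICE DEVICE_VID DEVICE_TYPE"

# Defaults, overridden by _parse_cmdline or the zone settings file.
AUTH=
DEFAULTROUTE=1
LINKNAME="$(uuid)"
MTU=1492
PEERDNS=1
SECRET=
USER=

PPPOE_ALLOWED_AUTHS="chap pap"
PPPOE_PLUGIN="rp-pppoe.so"

# Prints the device name pppd should run on: resolved from DEVICE_MAC when a
# VLAN id is configured, from DEVICE otherwise.
# NOTE(review): DEVICE_MAC is never assigned in this file and is not listed in
# HOOK_SETTINGS -- confirm where it is set.
function _pppoe_real_device() {
	local device

	if [ -n "${DEVICE_VID}" ]; then
		device="${DEVICE_MAC}"
	else
		device="${DEVICE}"
	fi

	devicify "${device}"
}

# Validates the current settings through the framework's assert helper.
function _check() {
	assert isset USER
	assert isset SECRET
	assert isset LINKNAME
	assert isset DEFAULTROUTE
	assert isset PEERDNS
	assert isset DEVICE
	assert isset DEVICE_TYPE

	assert isbool DEFAULTROUTE
	assert isbool PEERDNS
	assert ismac DEVICE
	assert isoneof DEVICE_TYPE real virtual

	# MTU is written verbatim into the pppd options file (mtu/mru), so it
	# must be a plain number.
	assert isinteger MTU

	if isset AUTH; then
		# Word splitting is intended: one argument per allowed method.
		# shellcheck disable=SC2086
		assert isoneof AUTH ${PPPOE_ALLOWED_AUTHS}
	fi

	# The guard used to test DEVICE_ID, which nothing in this file sets, so
	# DEVICE_VID was never validated.
	if isset DEVICE_VID; then
		assert isinteger DEVICE_VID
	fi
}

# Parses the hook's --option[=value] arguments into the settings variables,
# checks that the device exists and derives DEVICE_TYPE from DEVICE_VID.
# Exits with EXIT_ERROR on an unknown option or a missing device.
function _parse_cmdline() {
	while [ $# -gt 0 ]; do
		case "$1" in
			--user=*)
				USER="${1#--user=}"
				;;
			--secret=*)
				# The secret arrives on the command line, where it is
				# visible in the process list and in shell history.
				SECRET="${1#--secret=}"
				;;
			--linkname=*)
				# Strip the prefix that was actually matched. Removing
				# "--name=" left the whole "--linkname=..." string in
				# LINKNAME.
				LINKNAME="${1#--linkname=}"
				;;
			--mtu=*)
				MTU="${1#--mtu=}"
				;;
			--no-defaultroute)
				DEFAULTROUTE=0
				;;
			--no-dns)
				PEERDNS=0
				;;
			--auth=*)
				AUTH="${1#--auth=}"
				;;
			--device=*)
				DEVICE="${1#--device=}"
				;;
			--device-vid=*)
				DEVICE_VID="${1#--device-vid=}"
				;;
			*)
				echo "Unknown option: $1" >&2
				exit ${EXIT_ERROR}
				;;
		esac
		shift
	done

	if ! device_exists "$(devicify "${DEVICE}")"; then
		error "Device '${DEVICE}' does not exist."
		exit ${EXIT_ERROR}
	fi

	# Store the device as a MAC address; _check asserts ismac on it.
	DEVICE="$(macify "${DEVICE}")"

	if isset DEVICE_VID; then
		DEVICE_TYPE="virtual"
	else
		DEVICE_TYPE="real"
	fi
}

# Brings the zone up: reads its settings, prepares the device, registers the
# credentials, writes the pppd options file and starts pppd.
# Arguments: $1 - zone name
# Exits with EXIT_OK when pppd returns 0, EXIT_ERROR otherwise.
function _up() {
	local zone="${1}"
	shift

	config_read "${ZONE_DIR}/${zone}/settings"

	# Creating necessary files
	[ -d "${RED_RUN}/${LINKNAME}" ] || mkdir -p "${RED_RUN}/${LINKNAME}"

	# Setting up the device
	if [ -n "${DEVICE_VID}" ]; then
		device_create_virtual "${DEVICE}" "${DEVICE_VID}" "${DEVICE_MAC}"
	else
		device_set_up "${DEVICE}"
	fi

	ppp_secret "${USER}" "${SECRET}"

	# The settings are interpolated verbatim: whitespace or a newline inside
	# USER or LINKNAME would be read by pppd as additional options.
	# NOTE(review): _check only asserts that these two are set -- confirm
	# their content is validated before it reaches this point.
	# The here-document and its redirection were lost in the listing
	# ("cat <file"); they are restored here so the options file is written.
	cat <<EOF >"${RED_RUN}/${LINKNAME}/options"
# Naming options
ifname ${zone}
name ${LINKNAME}
linkname ${LINKNAME}

plugin ${PPPOE_PLUGIN} $(_pppoe_real_device)

# User configuration
user ${USER}

$(enabled PEERDNS && echo "usepeerdns")
$(enabled DEFAULTROUTE && echo "defaultroute")

noauth
$(isset AUTH && echo "require-${AUTH}")

noipdefault

# Maximum transmission/receive unit
mtu ${MTU}
mru ${MTU}

# Disable the compression
noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe

updetach debug
EOF

	local ret
	pppd file "${RED_RUN}/${LINKNAME}/options" >/dev/null
	ret=$?

	# Get exit code from ppp daemon and handle it:
	case "${ret}" in
		0)
			log DEBUG "pppd detached successfully"
			exit ${EXIT_OK}
			;;
	esac

	error_log "pppd exited with unknown exit code '${ret}'"
	exit ${EXIT_ERROR}
}

# Takes the zone down: signals the pppd recorded in the zone's pidfile and
# shuts down (or removes) the underlying device.
# Arguments: $1 - zone name
function _down() {
	local zone="${1}"
	shift

	config_read "${ZONE_DIR}/${zone}/settings"

	# Kill pppd. The pid is taken from the pidfile as-is; a missing file
	# yields an empty value and the kill is skipped.
	local pid
	pid="$(cat "/var/run/${zone}.pid" 2>/dev/null)"
	if [ -n "${pid}" ]; then
		kill "${pid}" &>/dev/null
	fi

	# Pull down device or remove virtual one
	if [ -n "${DEVICE_VID}" ]; then
		device_remove_virtual "${DEVICE_MAC}"
	else
		device_set_down "${DEVICE}"
	fi

	exit ${EXIT_OK}
}

# Runs pppoe-discovery on a real device and prints the access concentrator
# name it reports as ACCESS_CONCENTRATOR="...".
# Arguments: $1 - device name
# Exits with EXIT_ERROR for a non-real device, DISCOVER_ERROR when there is no
# output or the discovery timed out, DISCOVER_OK otherwise.
function _discover() {
	local device="${1}"

	if [ "$(device_get_type "${device}")" != "real" ]; then
		exit ${EXIT_ERROR}
	fi

	local output
	output="$(pppoe-discovery -I "${device}" -U "$(uuid)" 2>&1)"

	# Exit if there was not output
	[ -z "${output}" ] && exit ${DISCOVER_ERROR}

	# Exit if PADI timed out
	grep -q "Timeout" <<<"${output}" && exit ${DISCOVER_ERROR}

	local ac line
	while read -r line; do
		case "${line}" in
			Access-Concentrator:*)
				ac="${line#Access-Concentrator: }"
				;;
		esac
	done <<<"${output}"

	# The name is supplied by whatever device answered the discovery, so it
	# is untrusted. Drop the characters that could end the quoted value or
	# start an expansion if the line below is interpreted as shell.
	# NOTE(review): confirm how the caller consumes this output.
	ac="$(printf '%s' "${ac}" | tr -d '"$`\\')"

	echo "ACCESS_CONCENTRATOR=\"$ac\""
	exit ${DISCOVER_OK}
}

# Hand the arguments on unchanged; unquoted $@ would re-split any argument
# that contains whitespace.
run "$@"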