#!/bin/sh

### BEGIN INIT INFO
# Provides:          oci-poc-virtual-network
# Required-Start:    $network
# Required-Stop:     $network
# Should-Start:      $local_fs
# Should-Stop:       $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: A small script to initialise iptables to allow forwarding and masquerading.
# Description:       A small script to initialise iptables to allow forwarding and masquerading.
### END INIT INFO

. /lib/lsb/init-functions

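# Absolute paths of the helper binaries.
MODPROBE=/sbin/modprobe
IPTABLES=/sbin/iptables

# The configuration file is mandatory: every interface name, address and
# network used below comes from it.
if ! [ -r /etc/oci-poc/oci-poc.conf ] ; then
	# Diagnostics belong on stderr so they are not mistaken for normal output.
	echo "Cannot find /etc/oci-poc/oci-poc.conf" >&2
	exit 1
fi
# The file is sourced, i.e. executed as shell code with the privileges of this
# init script, so it must be writable by root only.
. /etc/oci-poc/oci-poc.conf

# NUMBER_OF_GUESTS feeds an arithmetic expansion; reject anything that is not
# a plain decimal number instead of failing later with a shell syntax error.
case "${NUMBER_OF_GUESTS}" in
''|*[!0-9]*)
	echo "NUMBER_OF_GUESTS must be a non-negative integer in /etc/oci-poc/oci-poc.conf" >&2
	exit 1
;;
esac

# Space-separated list 1..(2 * NUMBER_OF_GUESTS); the functions below add
# index 0 themselves when they iterate over the tap devices.
GUEST_NUMBER_LIST=$(seq -s ' ' 1 $((NUMBER_OF_GUESTS * 2)))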

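# Insert a rule at the head of a chain unless an identical rule is already
# there, so that running "start" twice does not stack duplicate rules.
# Arguments: $1 - tool (iptables or ip6tables)
#            $2 - table
#            $3 - chain
#            remaining - rule specification
_oci_poc_ensure_rule () {
	_oci_poc_tool=$1
	_oci_poc_table=$2
	_oci_poc_chain=$3
	shift 3
	# -C exits non-zero when no matching rule exists; its message is discarded.
	if ! "${_oci_poc_tool}" -t "${_oci_poc_table}" -C "${_oci_poc_chain}" "$@" 2>/dev/null ; then
		"${_oci_poc_tool}" -t "${_oci_poc_table}" -I "${_oci_poc_chain}" "$@"
	fi
}

# Build the virtual network: a dummy NIC and one tap device per guest index,
# all attached to a bridge, plus the forwarding, masquerading and DNAT rules.
# Globals read: MODPROBE, HOST_DUMMYNET_IFNAME, HOST_DUMMYNET_MAC,
#   GUEST_NUMBER_LIST, GUEST_TAPIF_PREFIX, HOST_BRIDGE_NAME, HOST_BRIDGE_GW,
#   CLUSTER_NETWORK_CIDRS, HOST_BRIDGE_NET, HOST_BRIDGE_NET6,
#   HOST_MGMT_INTERFACE, OCI_VM_IP
# Globals written: IP_MIN, CIDR, IP_CIDR (scratch values of the address loop)
fake_ifs () {
	# Enable routing between interfaces for IPv4 and IPv6. This is a host-wide
	# switch and stop_fake_ifs does not turn it off again.
	echo 1 >/proc/sys/net/ipv4/ip_forward
	echo 1 >/proc/sys/net/ipv6/conf/all/forwarding

	"${MODPROBE}" dummy

	# Create the dummy interface
	ip link add "${HOST_DUMMYNET_IFNAME}" type dummy

	# Set its MAC address
	ifconfig "${HOST_DUMMYNET_IFNAME}" hw ether "${HOST_DUMMYNET_MAC}"

	# Add the tap devices (GUEST_NUMBER_LIST is left unquoted on purpose: it is
	# a space-separated list that must be split into words)
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		ip tuntap add dev "${GUEST_TAPIF_PREFIX}${i}" mode tap user root
	done

	# Create a bridge, and attach the dummy interface and all taps to it
	brctl addbr "${HOST_BRIDGE_NAME}"
	brctl addif "${HOST_BRIDGE_NAME}" "${HOST_DUMMYNET_IFNAME}"
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		brctl addif "${HOST_BRIDGE_NAME}" "${GUEST_TAPIF_PREFIX}${i}"
	done

	# Give the bridge its IPv4 address
	# NOTE(review): the netmask is fixed at /24 while HOST_BRIDGE_NET is
	# configurable - confirm the two always agree.
	ifconfig "${HOST_BRIDGE_NAME}" "${HOST_BRIDGE_GW}" netmask 255.255.255.0 up
	# also v6...
	# NOTE(review): a /24 prefix is unusual for an IPv6 address and the value is
	# hard-coded rather than derived from HOST_BRIDGE_NET6 - confirm.
	ip addr add fd5d:12c9:2201:1::1/24 dev "${HOST_BRIDGE_NAME}"

	# Add the first host address of every configured cluster network
	for network_cidr in ${CLUSTER_NETWORK_CIDRS} ; do
		IP_MIN=$(ipcalc "${network_cidr}" | grep ^HostMin: | awk '{print $2}')
		CIDR=$(echo "${network_cidr}" | cut -d/ -f2)
		IP_CIDR=${IP_MIN}/${CIDR}
		ip addr add "${IP_CIDR}" dev "${HOST_BRIDGE_NAME}"
	done

	# Make sure all interfaces are up
	ip link set "${HOST_BRIDGE_NAME}" up
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		ip link set "${GUEST_TAPIF_PREFIX}${i}" up
	done

	# Basic forwarding and masquerading for both IPv4 and IPv6. The FORWARD
	# rules match on the source network only: anything sent from these networks
	# is forwarded to any destination.
	_oci_poc_ensure_rule iptables filter FORWARD -s "${HOST_BRIDGE_NET}" -j ACCEPT
	_oci_poc_ensure_rule iptables nat POSTROUTING -s "${HOST_BRIDGE_NET}" -j MASQUERADE
	# Same for every configured cluster network
	for network_cidr in ${CLUSTER_NETWORK_CIDRS} ; do
		_oci_poc_ensure_rule iptables filter FORWARD -s "${network_cidr}" -j ACCEPT
		_oci_poc_ensure_rule iptables nat POSTROUTING -s "${network_cidr}" -j MASQUERADE
	done
	_oci_poc_ensure_rule ip6tables filter FORWARD -s "${HOST_BRIDGE_NET6}" -j ACCEPT
	_oci_poc_ensure_rule ip6tables nat POSTROUTING -s "${HOST_BRIDGE_NET6}" -j MASQUERADE

	# Forward to OCI's web interface. These rules publish the VM's ports 80 and
	# 443 to every host that can reach HOST_MGMT_INTERFACE; no source
	# restriction is applied here.
	_oci_poc_ensure_rule iptables nat PREROUTING -p tcp -i "${HOST_MGMT_INTERFACE}" --dport 80 -j DNAT --to-destination "${OCI_VM_IP}:80"
	_oci_poc_ensure_rule iptables nat PREROUTING -p tcp -i "${HOST_MGMT_INTERFACE}" --dport 443 -j DNAT --to-destination "${OCI_VM_IP}:443"
	# Forward the radius ports 1812 and 1813 (same exposure as above)
	_oci_poc_ensure_rule iptables nat PREROUTING -p udp -i "${HOST_MGMT_INTERFACE}" --dport 1812 -j DNAT --to-destination "${OCI_VM_IP}:1812"
	_oci_poc_ensure_rule iptables nat PREROUTING -p udp -i "${HOST_MGMT_INTERFACE}" --dport 1813 -j DNAT --to-destination "${OCI_VM_IP}:1813"
}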

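# Delete every copy of one rule from a chain.
# Arguments: $1 - tool (iptables or ip6tables)
#            $2 - table
#            $3 - chain
#            remaining - rule specification
_oci_poc_drop_rule () {
	_oci_poc_tool=$1
	_oci_poc_table=$2
	_oci_poc_chain=$3
	shift 3
	# -D removes one matching rule per call and fails once none is left, so
	# the loop also clears duplicates left behind by repeated starts.
	while "${_oci_poc_tool}" -t "${_oci_poc_table}" -D "${_oci_poc_chain}" "$@" 2>/dev/null ; do
		:
	done
}

# Tear down what fake_ifs set up: its firewall rules, the bridge, the dummy
# interface and the tap devices.
# Only the rules fake_ifs inserts are deleted. Flushing FORWARD and
# POSTROUTING would also wipe rules owned by the host firewall or other
# services, and would leave the PREROUTING DNAT rules (web interface and
# radius ports) in place after "stop".
# IP forwarding is left enabled: it is a host-wide switch other services may
# rely on.
# Globals read: HOST_BRIDGE_NET, HOST_BRIDGE_NET6, CLUSTER_NETWORK_CIDRS,
#   HOST_MGMT_INTERFACE, OCI_VM_IP, HOST_BRIDGE_NAME, HOST_DUMMYNET_IFNAME,
#   GUEST_NUMBER_LIST, GUEST_TAPIF_PREFIX
# Globals written: IP_MIN, CIDR, IP_CIDR (scratch values of the address loop)
stop_fake_ifs () {
	# Forwarding and masquerading rules
	_oci_poc_drop_rule iptables filter FORWARD -s "${HOST_BRIDGE_NET}" -j ACCEPT
	_oci_poc_drop_rule iptables nat POSTROUTING -s "${HOST_BRIDGE_NET}" -j MASQUERADE
	for network_cidr in ${CLUSTER_NETWORK_CIDRS} ; do
		_oci_poc_drop_rule iptables filter FORWARD -s "${network_cidr}" -j ACCEPT
		_oci_poc_drop_rule iptables nat POSTROUTING -s "${network_cidr}" -j MASQUERADE
	done
	_oci_poc_drop_rule ip6tables filter FORWARD -s "${HOST_BRIDGE_NET6}" -j ACCEPT
	_oci_poc_drop_rule ip6tables nat POSTROUTING -s "${HOST_BRIDGE_NET6}" -j MASQUERADE

	# DNAT rules for OCI's web interface and the radius ports
	_oci_poc_drop_rule iptables nat PREROUTING -p tcp -i "${HOST_MGMT_INTERFACE}" --dport 80 -j DNAT --to-destination "${OCI_VM_IP}:80"
	_oci_poc_drop_rule iptables nat PREROUTING -p tcp -i "${HOST_MGMT_INTERFACE}" --dport 443 -j DNAT --to-destination "${OCI_VM_IP}:443"
	_oci_poc_drop_rule iptables nat PREROUTING -p udp -i "${HOST_MGMT_INTERFACE}" --dport 1812 -j DNAT --to-destination "${OCI_VM_IP}:1812"
	_oci_poc_drop_rule iptables nat PREROUTING -p udp -i "${HOST_MGMT_INTERFACE}" --dport 1813 -j DNAT --to-destination "${OCI_VM_IP}:1813"

	# NOTE(review): fake_ifs adds the literal address fd5d:12c9:2201:1::1/24,
	# not HOST_BRIDGE_NET6, so this removal presumably fails and is ignored;
	# the address goes away when the bridge is deleted below.
	ip addr del "${HOST_BRIDGE_NET6}" dev "${HOST_BRIDGE_NAME}" || true
	ifconfig "${HOST_BRIDGE_NAME}" down || true
	brctl delif "${HOST_BRIDGE_NAME}" "${HOST_DUMMYNET_IFNAME}" || true
	# GUEST_NUMBER_LIST is left unquoted on purpose: it is a space-separated list
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		brctl delif "${HOST_BRIDGE_NAME}" "${GUEST_TAPIF_PREFIX}${i}" || true
	done
	# Remove the address of every configured cluster network
	for network_cidr in ${CLUSTER_NETWORK_CIDRS} ; do
		IP_MIN=$(ipcalc "${network_cidr}" | grep ^HostMin: | awk '{print $2}')
		CIDR=$(echo "${network_cidr}" | cut -d/ -f2)
		IP_CIDR=${IP_MIN}/${CIDR}
		ip addr del "${IP_CIDR}" dev "${HOST_BRIDGE_NAME}"
	done
	brctl delbr "${HOST_BRIDGE_NAME}" || true
	ip link delete "${HOST_DUMMYNET_IFNAME}" || true
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		ip tuntap delete "${GUEST_TAPIF_PREFIX}${i}" mod tap || true
	done
}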

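# Dispatch on the init action passed as the first argument.
case "${1}" in
start|systemd-start)
	fake_ifs
;;
stop)
	stop_fake_ifs
;;
restart|reload|force-reload)
	# Re-run this script for each phase so the configuration is read again.
	# "$0" is quoted so a script path containing whitespace still works.
	"$0" stop
	sleep 1
	"$0" start
;;
*)
	# Usage goes to stderr and lists every accepted action.
	echo "Usage: $0 {start|stop|restart|reload|force-reload}" >&2
	exit 1
;;
esac

exit 0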
