#!/bin/sh

[ "$INTERFACE" = wan ] && exit
[ "$INTERFACE" = ffuplink ] && exit

. /lib/functions.sh
. /lib/functions/network.sh

proto="4"
#[ -f /proc/net/ipv6_route ] && proto="4 6"

enable=""
zones=""
strict=""
config_load freifunk-policyrouting
config_get enable pr enable
config_get strict pr strict
config_get zones pr zones

if [ "$ACTION" = "ifup" ] && [ "$enable" = "1" ]; then
    case $(uci get network.${INTERFACE}.proto) in none)
        # ubus status/netifd does not output ip4addr if proto=none
        net=$(ip -4 addr show dev ${DEVICE} scope global | sed -n '2s,^[[:space:]]\+inet \([^[:space:]]\+\).*,\1,p')
        #net6=$(ip -6 addr show dev ${DEVICE} scope global|sed -n '2s,^[[:space:]]\+inet6 \([^[:space:]]\+\).*,\1,p')
        ;;
    *)
        network_get_subnet net $INTERFACE
        #network_get_subnet6 net6 $INTERFACE
        ;;
    esac

    if [ "$net" != "" ] && [ -n "${DEVICE}" ]; then
        eval "$(/bin/ipcalc.sh $net)"
        if [ "$PREFIX" != "0" ] && [ "$NETWORK" != "127.0.0.0" ]; then
            if [ ! "$(ip route show table localnets | grep "$NETWORK/$PREFIX dev")" ]; then
                cmd="ip route add $NETWORK/$PREFIX dev ${DEVICE} table localnets"
                $cmd
                if [ "$?" = 0 ]; then
                    logger -s -t policyrouting "Add route: $cmd"
                else
                    logger -s -t policyrouting "Error! Could not add route: $cmd"
                fi
            fi
            if [ ! "$(ip route show table olsr | grep "$NETWORK/$PREFIX dev")" ]; then
                cmd="ip route add $NETWORK/$PREFIX dev ${DEVICE} table olsr"
                $cmd
                if [ "$?" = 0 ]; then
                    logger -s -t policyrouting "Add route: $cmd"
                else
                    logger -s -t policyrouting "Error! Could not add route: $cmd"
                fi
            fi

        fi

        if [ -n "$net6" ]; then
            cmd="ip -6 route add $net6 dev ${DEVICE} table localnets"
            $cmd >/dev/null 2>&1
            if [ "$?" = 0 ]; then
                logger -s -t policyrouting "Add route: $cmd (IPv6)"
            fi

        fi

        networks=""
        for z in $zones; do
            network_zone="$(uci -q get firewall.zone_${z}.network)"
            if [ -z "$network_zone" ]; then
                network_zone="$z"
            fi
            networks="$networks $network_zone"
        done
        for n in $networks; do
            if [ "$INTERFACE" = "$n" ]; then
                for p in $proto; do
                    logger -s -t policyrouting "Use mesh gateway for interface ${DEVICE} (IPv$p)"

                    # add olsr-tunnel rule (SmartGateway tunnel) if not present
                    if [ ! "$(ip -$p rule show | egrep "from all iif ${DEVICE} (\[detached\] )?lookup olsr-tunnel")" ]; then
                        ip -$p rule add dev "${DEVICE}" lookup olsr-tunnel prio 19999
                    fi

                    # add olsr-default rule (Default route from mesh) if not present
                    if [ ! "$(ip -$p rule show | egrep "from all iif ${DEVICE} (\[detached\] )?lookup olsr-default")" ]; then
                        ip -$p rule add dev "${DEVICE}" lookup olsr-default prio 20000
                    fi

                    # add unreachable rules (prevents using router's default route (without VPN))
                    if [ "$strict" != 0 ] && [ ! "$(ip -$p rule show | egrep "from all iif ${DEVICE} (\[detached\] )?unreachable")" ]; then
                        ip -$p rule add dev "${DEVICE}" unreachable prio 20001
                    fi

                    # uci stuff
                    if [ -z "$(uci -P /var/state get freifunk-policyrouting.${INTERFACE})" ]; then
                        uci -P /var/state set freifunk-policyrouting.${INTERFACE}="state"
                    fi
                    uci -P /var/state set freifunk-policyrouting.${INTERFACE}.device="${DEVICE}"

                done
            fi
        done
    fi
fi
