#!/bin/sh
#
# manage network interfaces and configure some networking options

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
INTERFACES="/etc/network/interfaces"
. /var/config/wlan.conf
box=`cat /etc/boxtype`

if ! [ -x /sbin/ifup ]; then
    exit 0
fi

interface=eth0

set_interfaces()
{
    FOUND=0
    LINES=`cat $INTERFACES | sed 's/^[ \t]*//' | sed -e 's# #_#g' | sed -e 's#\n# #g' `
    for ROUND in $LINES; do
     if [ `echo "$ROUND" | grep "#" | wc -l` -eq 0 ]; then
      if [ `echo "$ROUND" | grep "iface_$interface" | wc -l` -gt 0 ]; then
    	  if [ `echo "$ROUND" | grep "dhcp" | wc -l` -gt 0 ]; then
                if [ $box == ufs910 ]; then
                    udhcpc -i $interface -q -s /etc/init.d/dhcp
                else
                    udhcpc -i $interface
                fi
    	    break
    	  else  
    	    FOUND=1
    	  fi  
    	fi
    	if [ $FOUND -eq 1 ]; then
    	  if [ `echo "$ROUND" | grep "address" | wc -l` -gt 0 ]; then
    	    ADDRESS=`echo "$ROUND" |sed 's/[ \t]*$//' | cut -d"_" -f 2`
    	  else
    	    if [ `echo "$ROUND" | grep "netmask" | wc -l` -gt 0 ]; then
    	      NETMASK=`echo "$ROUND" |sed 's/[ \t]*$//' | cut -d"_" -f 2`
    	    else  
    	      if [ `echo "$ROUND" | grep "gateway" | wc -l` -gt 0 ]; then
    	        GATEWAY=`echo "$ROUND" |sed 's/[ \t]*$//' | cut -d"_" -f 2`
    	      fi
    	    fi
    	  fi      
    	fi
     fi	
    done
    if [ $FOUND -eq 1 ]; then
      if [ $ADDRESS ]; then
        ifconfig $interface $ADDRESS
      fi
      if [ $NETMASK ]; then
        ifconfig $interface netmask $NETMASK
      fi
      if [ $GATEWAY ]; then
    	  route del default gw 0.0.0.0
        route add default gw $GATEWAY
      fi
    fi  
}


spoofprotect_rp_filter () {
    # This is the best method: turn on Source Address Verification and get
    # spoof protection on all current and future interfaces.
    
    if [ -e /proc/sys/net/ipv4/conf/all/rp_filter ]; then
        for f in /proc/sys/net/ipv4/conf/*; do
	    [ -e $f/rp_filter ] && echo 1 > $f/rp_filter
        done
        return 0
    else
        return 1
    fi
}

spoofprotect () {
    echo -n "Setting up IP spoofing protection: "
    if spoofprotect_rp_filter; then
        echo "rp_filter."
    else
        echo "FAILED."
    fi
}

ip_forward () {
    if [ -e /proc/sys/net/ipv4/ip_forward ]; then
        echo -n "Enabling packet forwarding... "
        echo 1 > /proc/sys/net/ipv4/ip_forward
        echo "done."
    fi
}

syncookies () {
    if [ -e /proc/sys/net/ipv4/tcp_syncookies ]; then
        echo -n "Enabling TCP/IP SYN cookies... "
        echo 1 > /proc/sys/net/ipv4/tcp_syncookies
        echo "done."
    fi
}

wpa_supplicantcheck () {
    if [ -e /var/run/wpa_supplicant ]; then
        echo -n "disabling wpa_supplicant "
        start-stop-daemon -K -x /usr/sbin/wpa_supplicant
        # HACK: wpa_supplicant sometimes doesn't quit properly on SIGTERM.
        if [ -e /var/run/wpa_supplicant ]; then
        	echo -n "wpa_supplicant still running, force kill now.. "
        	killall -9 /usr/sbin/wpa_supplicant
        	rm -rf /var/run/wpa_supplicant
        	echo "done."
    		fi
        echo "done."
    fi
}

doopt () {
    optname=$1
    default=$2
    opt=`grep "^$optname=" /etc/network/options`
    if [ -z "$opt" ]; then
        opt="$optname=$default"
    fi
    optval=${opt#$optname=}
    if [ "$optval" = "yes" ]; then
        eval $optname
    fi
}

case "$1" in
    start)
	doopt spoofprotect yes
        doopt syncookies no
        doopt ip_forward no

        echo -n "Configuring network interfaces... "
	wpa_supplicantcheck
        if [ $lan == disable ]; then
            ifup $iface
        else
            ifup -a
            set_interfaces
        fi
	echo "done."
	;;
    stop)
        if sed -n 's/^[^ ]* \([^ ]*\) \([^ ]*\) .*$/\1 \2/p' /proc/mounts | 
          grep -q "^/ nfs$"; then
            echo "NOT deconfiguring network interfaces: / is an NFS mount"
        elif sed -n 's/^[^ ]* \([^ ]*\) \([^ ]*\) .*$/\1 \2/p' /proc/mounts |  
          grep -q "^/ smbfs$"; then
            echo "NOT deconfiguring network interfaces: / is an SMB mount"
	elif sed -n 's/^[^ ]* \([^ ]*\) \([^ ]*\) .*$/\2/p' /proc/mounts | 
          grep -qE '^(nfs|smbfs|ncp|coda)$'; then
            echo "NOT deconfiguring network interfaces: network shares still mounted."
        else
            echo -n "Deconfiguring network interfaces... "
            if [ $box != ufs910 ]; then
            	ifdown -a
            fi
            wpa_supplicantcheck
	    echo "done."
        fi
	;;
    restart)
        echo -n "Reconfiguring eth0 network interfaces... "
        if [ $box != ufs910 ]; then
            ifdown -a
        fi
        wpa_supplicantcheck
        if [ $lan == disable ]; then
            ifup $iface
        else
            ifup -a
            set_interfaces
        fi
	echo "Reconfiguring done."
	;;
    *)
	echo "Usage: /etc/init.d/networking {start|stop|restart}"
	exit 1
	;;
esac

loopback_test=`ifconfig | grep Loopback | awk '{print $1}'`
    if [ -z $loopback_test ]; then
        ifconfig lo up
    fi

exit 0

