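# -*-eselect-*- vim: ft=eselect
# Copyright 2005-2019 Gentoo Authors
# Distributed under the terms of the GNU GPL version 2 or later

DESCRIPTION="Manage the iptables and ip6tables symlink"
MAINTAINER="chris@christopherpritchard.co.uk"
VERSION="20200224"

# Symlink names managed below ${EROOT}/sbin.  All of them are pointed at the
# same xtables-*-multi binary.
IPTABLES_TARGETS=("iptables" "iptables-restore" "iptables-save")
IP6TABLES_TARGETS=("ip6tables" "ip6tables-restore" "ip6tables-save")

# Module-wide flags, toggled by the actions below:
#   IPV6        - 1 when the ip6tables symlinks are handled as well
#   IPV6_REMOVE - 1 when existing ip6tables symlinks are removed first
# Both default to 0 so that the -eq tests below never see an empty string.
IPV6=0
IPV6_REMOVE=0

# Print the basename of every xtables-*-multi binary in ${EROOT}/sbin, one
# per line.  These are the only meaningful symlink targets.
find_targets() {
	local f
	for f in "${EROOT}"/sbin/xtables-*-multi; do
		[[ -f ${f} ]] && basename "${f}"
	done
	return 0
}

# Remove the iptables symlinks, and the ip6tables ones as well when both
# IPV6 and IPV6_REMOVE are set.  Returns non-zero if any rm failed.
remove_symlinks() {
	local ipt ip6t ret=0
	for ipt in "${IPTABLES_TARGETS[@]}"; do
		rm -f -- "${EROOT}/sbin/${ipt}" &>/dev/null || ret=1
	done
	if [[ ${IPV6} -eq 1 && ${IPV6_REMOVE} -eq 1 ]]; then
		for ip6t in "${IP6TABLES_TARGETS[@]}"; do
			rm -f -- "${EROOT}/sbin/${ip6t}" &>/dev/null || ret=1
		done
	fi
	return ${ret}
}

# Point every managed symlink at the given target.
# Arguments: $1 - target name as printed by 'list', or its 1-based number
# Dies if the target is not a plain file name present in ${EROOT}/sbin;
# returns non-zero if creating a symlink fails.
set_symlinks() {
	local target=$1
	local targets ipt ip6t

	if is_number "${target}" && [[ ${target} -ge 1 ]]; then
		mapfile -t targets < <(find_targets)
		target=${targets[target-1]}
	fi
	# Only a bare file name is accepted: a target containing '/' would make
	# the symlinks point outside ${EROOT}/sbin even though -f succeeds.
	if [[ -z ${target} || ${target} == */* \
		|| ! -f ${EROOT}/sbin/${target} ]]; then
		die -q "Target \"$1\" doesn't appear to be valid!"
	fi

	# A failing ln must reach the caller; without the explicit return the
	# function status would be that of the trailing 'if' instead.
	for ipt in "${IPTABLES_TARGETS[@]}"; do
		ln -s -- "${target}" "${EROOT}/sbin/${ipt}" || return 1
	done
	if [[ ${IPV6} -eq 1 ]]; then
		for ip6t in "${IP6TABLES_TARGETS[@]}"; do
			ln -s -- "${target}" "${EROOT}/sbin/${ip6t}" || return 1
		done
	fi
	return 0
}

# Print one key/value entry per symlink name given as argument, showing the
# canonical path it resolves to, or "(unset)" when it is not a symlink.
show_symlinks() {
	local name resolved
	for name in "$@"; do
		if [[ -L ${EROOT}/sbin/${name} ]]; then
			resolved=$(canonicalise "${EROOT}/sbin/${name}")
			write_kv_list_entry "${name}" "${resolved%/}"
		else
			write_kv_list_entry "${name}" "(unset)"
		fi
	done
}

### show action ###

describe_show() {
	echo "Show the current iptables symlink"
}

# Show where the iptables (and, if present, ip6tables) symlinks point.
do_show() {
	[[ -L ${EROOT}/sbin/ip6tables ]] && IPV6=1

	write_list_start "Current iptables symlinks:"
	show_symlinks "${IPTABLES_TARGETS[@]}"

	if [[ ${IPV6} -eq 1 ]]; then
		write_list_start "Current ip6tables symlinks:"
		show_symlinks "${IP6TABLES_TARGETS[@]}"
	fi
}

### list action ###

describe_list() {
	echo "List available iptables symlink targets"
}

# List the available targets, highlighting the one iptables points to.
do_list() {
	local i targets current=
	mapfile -t targets < <(find_targets)
	[[ -L ${EROOT}/sbin/ip6tables ]] && IPV6=1

	# Resolve the current target once rather than once per loop iteration.
	if [[ -L ${EROOT}/sbin/iptables ]]; then
		current=$(basename "$(canonicalise "${EROOT}/sbin/iptables")")
	fi

	write_list_start "Available iptables symlink targets:"
	for (( i = 0; i < ${#targets[@]}; i++ )); do
		# highlight the target where the symlink is pointing to
		[[ -n ${current} && ${targets[i]} == "${current}" ]] \
			&& targets[i]=$(highlight_marker "${targets[i]}")
	done
	write_numbered_list -m "(none found)" "${targets[@]}"
}

### set action ###

describe_set() {
	echo "Set a new iptables symlink target"
}

describe_set_parameters() {
	echo "[--ipv6] <target>"
}

describe_set_options() {
	echo "--ipv6: Forces creation of ip6tables symlinks"
	echo "target : Target name or number (from 'list' action)"
}

# Replace the managed symlinks with ones pointing at the requested target.
# Arguments: [--ipv6] <target>
do_set() {
	if [[ ${1} == "--ipv6" ]]; then
		IPV6=1
		shift
	fi
	[[ -z $1 ]] && die -q "You didn't tell me what to set the symlink to"
	# --ipv6 has already been shifted away, so only the target may remain.
	[[ $# -gt 1 ]] && die -q "Too many parameters"

	if [[ -L ${EROOT}/sbin/ip6tables ]]; then
		IPV6=1
		IPV6_REMOVE=1
	fi

	if [[ -L ${EROOT}/sbin/iptables ]]; then
		# existing symlink
		remove_symlinks || die -q "Couldn't remove existing symlink"
		set_symlinks "$1" || die -q "Couldn't set a new symlink"
	elif [[ -e ${EROOT}/sbin/iptables ]]; then
		# we have something strange
		die -q "${EROOT}/sbin/iptables exists but is not a symlink"
	else
		set_symlinks "$1" || die -q "Couldn't set a new symlink"
	fi
}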