#!/bin/sh
. /etc/functions.sh
PPP_IFACE="$1"
PPP_TTY="$2"
PPP_SPEED="$3"
PPP_LOCAL="$4"
PPP_REMOTE="$5"
PPP_IPPARAM="$6"
export PPP_IFACE PPP_TTY PPP_SPEED PPP_LOCAL PPP_REMOTE PPP_IPPARAM

logger -p 160.5 "[IP-UP] IFACE=$PPP_IFACE TTY=$PPP_TTY SPEED=$PPP_SPEED LOCAL=$PPP_LOCAL REMOTE=$PPP_REMOTE IPPARAM=$PPP_IPPARAM"
uci -q -P /var/state revert network.${PPP_IPPARAM}_dialnum

check_pptp_dialin_l2l() {
	local username
	local pptpdialin
	local pptpl2l
	local rnet
	local rmask
	
	account=$(last | grep -E " $PPP_IFACE ..*still logged in" | awk '{printf $1}')
	config_get username  $1	username
	wan_dev=$(uci -p /var/state/ -q get network.wan.ifname)
	if [ "$account" == "$username" ]; then
		config_get pptpdialin  $1	pptp_dialin
		config_get pptpl2l $1	pptp_l2l
		if [ "$pptpdialin" == "1" -a "$pptpl2l" == "1" ]; then
			config_get rnet  $1	remote_net
			config_get rmask  $1 remote_mask
			route add -net $rnet netmask $rmask dev $PPP_IFACE
			
			uci -q -P /var/state set network.vpnup.rnet_$PPP_IFACE=$rnet
			uci -q -P /var/state set network.vpnup.rmask_$PPP_IFACE=$rmask
			iptables -t nat -A zone_wan_nat -s $rnet/$rmask -o $wan_dev -j MASQUERADE
		fi
	fi
}

[ -z "$PPP_IPPARAM" -o -z "$PPP_LOCAL" ] || {
	if [ "$PPP_IPPARAM" == "wan" -o "$PPP_IPPARAM" == "3gwan" ]; then
		uci_set_state network "$PPP_IPPARAM" ipaddr "$PPP_LOCAL"
		uci_set_state network "$PPP_IPPARAM" gateway "$PPP_REMOTE"
		uci_set_state network "$PPP_IPPARAM" ifname "$PPP_IFACE"
		[ $(uci -q get network.$PPP_IPPARAM.proto) == "pppoe" ] && { 
			sh /etc/setup_shnat_pppoe.sh > /tmp/re
			sh /etc/check_shnat_ip.sh &
		}	
		sh /lib/firewall/user.sh &
	fi
	
	if [ "$PPP_IPPARAM" == "voipwan" -o "$PPP_IPPARAM" == "iptvwan" -o "$PPP_IPPARAM" == "mngtwan" ]; then
		uci_set_state network "$PPP_IPPARAM" ipaddr "$PPP_LOCAL"
		uci_set_state network "$PPP_IPPARAM" gateway "$PPP_REMOTE"
		uci_set_state network "$PPP_IPPARAM" ifname "$PPP_IFACE"
		ip route del default table $PPP_IPPARAM
		ip route add default via $PPP_REMOTE dev $PPP_IFACE table $PPP_IPPARAM
		ip rule add from $PPP_LOCAL/32 table $PPP_IPPARAM
	fi
}
[ -z "$PPP_IPPARAM" ] || env -i ACTION="ifup" INTERFACE="$PPP_IPPARAM" DEVICE="$PPP_IFACE" PROTO=ppp /sbin/hotplug-call "iface"

[ -d /etc/ppp/ip-up.d ] && {
	for SCRIPT in /etc/ppp/ip-up.d/*
	do
		[ -x "$SCRIPT" ] && "$SCRIPT" $@
	done
}

unit="${PPP_IFACE##ppp}"
if [ "$unit" -ge "30" ]; then
	local uppp_num
	local rnet
	local rmask
	
	VPNUP=$(cat /proc/uptime | awk '{print $1}')
	uci -q -P /var/state set network.vpnup.$PPP_IFACE=$VPNUP
	
	if [ "$unit" -le "400" ]; then
		idx=0
		while [ $(uci -q -c /etc/config/grocx/ get pptp.$idx.ppp_num) != "$unit"  -a "$idx" -lt "32" ]; do
			idx="$(($idx + 1))"
		done
		if [ "$idx" -lt "32" ]; then
			rm /tmp/pptp$idx 2>/dev/null
			rnet=$(uci -q -c /etc/config/grocx/ get pptp.$idx.remote_net)
			rmask=$(uci -q -c /etc/config/grocx/ get pptp.$idx.remote_mask)
			[ -n "$rnet" -a -n "$rmask" ] && route add -net $rnet netmask $rmask dev $PPP_IFACE
			
			# nat mode
			nat_mode=`uci -q -c /etc/config/grocx/ get pptp.$idx.nat_mode || echo 0`
			[ "$nat_mode" == "1" ] && {
				iptables -t nat -A POSTROUTING -s $(uci -q get network.lan.ipaddr)/$(uci -q get network.lan.netmask) -o $PPP_IFACE -j MASQUERADE
				flush-ipconntrack 1 &
			}
		
			droute=$(uci -q -c /etc/config/grocx/ get pptp.$idx.def_route)
			[ "$droute" == "1" ] && {
				def_dev=$(route -n | grep '^0.0.0.0' | awk '{printf $8}')
				remote_dn=`uci -q -c /etc/config/grocx/ get pptp.$idx.remote_ip || echo 1.2.3.4`
				remote_ip=`uci -q -P /var/state get network.wan.pptpsrv`
				wan_mtu=`uci -q get network.wan.mtu`
				gw_ip=`uci -P /var/state get network.wan.gateway`
				route add ${remote_ip:-remote_dn} gw ${gw_ip} dev ${def_dev:-br-wan}
				ip route flush cache
				route del default
				route add default dev $PPP_IFACE
				ip route flush cache
				iptables -A zone_wan_nat -t nat -s $(uci -q get network.lan.ipaddr)/$(uci -q get network.lan.netmask) -o $PPP_IFACE -j MASQUERADE
				[ -z "$wan_mtu" ] && {
					iptables -A zone_wan_MSSFIX -o $PPP_IFACE -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
				} || {
					let "wan_mss = wan_mtu - 40"
					iptables -A zone_wan_MSSFIX -o $PPP_IFACE -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss $wan_mss
				}	
				flush-ipconntrack 1 &
			}
			Tname=$(uci -q -c /etc/config/grocx/ get pptp.$idx.name)
			/sbin/pptp_static_route add T$Tname $PPP_IFACE
		fi
	else
		config_load /etc/config/grocx/users
		config_foreach check_pptp_dialin_l2l user
	fi
	
	[ -e /tmp/$PPP_IFACE ] && {
		mppe=$(cat /tmp/$PPP_IFACE 2>/dev/null | grep -o -E mppe)
		[ -n "$mppe" ] && {
			uci -q -P /var/state set network.vpnup.mppe_$PPP_IFACE=1
		}
		rm /tmp/$PPP_IFACE
	}
fi

wan_proto=$(uci -q get network.wan.proto)
if [ "$PPP_IFACE" == "ppp0" -a "$wan_proto" == "l2tp" ]; then
	server=$(uci -q -P /var/state/ get network.wan.l2tpsrv)
	[ -z "$server" ] && server=$(uci -q get network.wan.server || echo "0.0.0.0")
#	server=$(route -n | awk '$8 == "ppp0" { print $1; exit }')
	drouter=$(uci -q -P /var/state get network.wan.dhcprouter)
	wan_if=$(uci -q -P /var/state/ get network.wan.device)
	server_route=$(ip route get $server | grep $wan_if | grep -v via -c)
	if [ "$server" != "0.0.0.0" -a "$drouter" != "" -a  "$server_route" == "0" ]; then
		route add "$server" gw "$drouter"
	fi
	env -i ACTION="ifup" INTERFACE="wan" DEVICE="$PPP_IFACE" PROTO=l2tp /sbin/hotplug-call "iface"
fi

#if [ "$PPP_IPPARAM" == "wan" ]; then
#	en_ipsec=$(uci -c /etc/config/grocx/ get vtss_fw.@basic[0].enable_vpn)
#	if [ $en_ipsec = "1" ]; then
#		logger "restart ipsect in ppp ip-up..."
#		/etc/init.d/ipsec restart
#	fi
#fi
