#!/bin/bash 

# FIAIF is an Intelligent firewall, version: $Revision: 1.12 $
# Startup script to add firewall functionality.
#
# Script Author:	Anders Fugmann <afu at fugmann dot net>
# 
# FIAIF is an Intelligent firewall
# Copyright (C) 2002-2003 Anders Peter Fugmann
# This package comes with ABSOLUTELY NO WARRANTY
# Use strictly at your own risk.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

shopt -s extglob
WEB_HOME="http://www.fiaif.net/"
WEB_VERSION="${WEB_HOME}/VERSION"
FILES="RESERVED_NETWORKS PRIVATE_NETWORKS"

WEB_RESERVED_NETWORKS="${WEB_HOME}/conf/reserved_networks"
WEB_PRIVATE_NETWORKS="${WEB_HOME}/conf/private_networks"

WGET_PARAM="--user-agent=FIAIF --quiet --cache=off"
DIFF_OPTIONS="-U 0 -bB"
source /usr/share/fiaif/constants.sh
source ${CONF_FILE}

function check_version ()
{
    local RETURN
    local TMP_FILE=$(mktemp /tmp/fiaif-tmp.XXXXXX)
    wget ${WGET_PARAM} --output-document=${TMP_FILE} ${WEB_VERSION}
    local NEW_VERSION=$(<${TMP_FILE})
    local CURR_VERSION=$(<${VERSION_FILE})

    local V
    NEW_VERSION_NR=0
    for V in ${NEW_VERSION//./ }; do
	let NEW_VERSION_NR=NEW_VERSION_NR*1000+V
    done

    CURR_VERSION_NR=0
    for V in ${CURR_VERSION//./ }; do
	let CURR_VERSION_NR=CURR_VERSION_NR*1000+V
    done

    
    if (( NEW_VERSION_NR > CURR_VERSION_NR )); then
	if (( VERBOSE == 1 )); then
	    echo "New FIAIF version ${NEW_VERSION} available."
	fi
	RETURN=0
    else
	if (( VERBOSE == 1 )); then
	    echo "FIAIF is up-to-date."
	fi
	RETURN=1
    fi
    rm -f ${TMP_FILE}
    
    return ${RETURN}
}

function update_file ()
{
    ORIG_FILE=$1
    NEW_FILE=$2
    NEW_VERSION=$3
    
    local ANS=""
    echo "New version of $(basename ${ORIG_FILE}) found."
    diff ${DIFF_OPTIONS} ${ORIG_FILE} ${NEW_FILE}
    if (( VERBOSE == 1 )); then
	while [[ "${ANS}" != @(Y|y|N|n) ]]; do
	    read -p "Update $(basename ${ORIG_FILE}) to version ${NEW_VERSION} (y|n)" ANS
	done
    else
	ANS="y"
    fi
    
    case ${ANS} in
	Y|y)
	    echo "${ORIG_FILE} updated to version ${NEW_VERSION}"
	    mv -f ${ORIG_FILE} ${ORIG_FILE}.old
	    mv -f ${NEW_FILE} ${ORIG_FILE}
	    ;;
	N|n)
	    mv -f ${NEW_FILE} ${ORIG_FILE}.new
	    ;;
    esac
}

function update_networks ()
{
    local FILE=$1
    local WEB_FILE=WEB_${FILE}
    WEB_FILE=${!WEB_FILE}
    local LOCAL_FILE=${CONF_DIR}/${!FILE}

    local RETURN
    local TMP_FILE=$(mktemp /tmp/fiaif-tmp.XXXXXX)
    wget ${WGET_PARAM} --output-document=${TMP_FILE} ${WEB_FILE}
    # Examine if an update is nessesary, by looking at the first line.
    local V

    local NEW_VERSION=$(head -n 1 ${TMP_FILE} | cut -d" " -f 4)

    local NEW_VERSION_NR=0
    for V in ${NEW_VERSION//./ }; do
	let NEW_VERSION_NR=NEW_VERSION_NR*1000+V
    done
    
    declare -a LINE=( $(head -n 1 ${LOCAL_FILE}) )
    local CURR_VERSION=$(head -n 1 ${LOCAL_FILE} | cut -d" " -f 4)
    local CURR_VERSION_NR=0
    for V in ${CURR_VERSION//./ }; do
	let CURR_VERSION_NR=CURR_VERSION_NR*1000+V
    done
    
    if (( NEW_VERSION_NR > CURR_VERSION_NR )); then	
       	update_file ${LOCAL_FILE} ${TMP_FILE} ${NEW_VERSION}
	RETURN=0
    else
	if (( VERBOSE == 1 )); then
	    echo "${FILE} is up-to-date."
	fi	    
	RETURN=1
    fi

    rm -f ${TMP_FILE}
    return ${RETURN}

}

function usage ()
{
    echo "Usage: $0 [--silent] [--help] <check|update>"
}

# Read all options
VERBOSE=1

while [[ "${1:0:2}" == "--" ]]; do 
    
    case $1 in
	--silent)
	    VERBOSE=0
	    ;;
	--help)
	    usage 
	    exit 0
	    ;;
	*)
	    echo "Unknown option: '$1'"
	    ;;
    esac
    shift 1
done
	      
case $1 in 
    check)
	check_version
	;;
    update)
	RETURN=1
	for FILE in ${FILES}; do
	    if update_networks ${FILE}; then
		RETURN=0
	    fi
	done
	exit ${RETURN}
	;;
    *) 
	usage
	;;
esac
