#!/bin/bash
# 
# This script is used for Administration of RSBAC Network Template attributes
#
#
# Make sure we're really running bash.
#
if [ -z "$BASH" ]
then
  echo "This menu requires bash" 1>&2
  exit 1
fi

# -h: remember where commands were found once they have been looked up.
# +o posix: leave POSIX mode so bash extensions used below keep working.
set -h
set +o posix

# not used
ATTRIBUTES="rc_type \
            log_array_low log_array_high"

# Settings come from the system-wide file first and the per-user file
# second, so assignments in ~/.rsbacrc win. Both files are executed as shell
# code inside this process: they need the same ownership and write
# protection as the script itself.
RSBACCONF=/etc/rsbac.conf
[ -f $RSBACCONF ] && . $RSBACCONF
[ -f ~/.rsbacrc ] && . ~/.rsbacrc

# No module list configured: enable every module named here.
[ -n "$RSBACMOD" ] || RSBACMOD='GEN MAC PM DAZ FF RC AUTH ACL CAP JAIL RES PAX'

# One exported SHOW_<module>=yes flag per enabled module; the menus below
# test these flags to decide which entries to offer.
for i in $RSBACMOD; do
  export "SHOW_${i}=yes"
done

# The dir for tmp files
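if test -z "$TMPDIR" ; then TMPDIR=/tmp ; fi

# Scratch file that the rest of the script writes to and reads back. In a
# shared directory it must be a file nobody else could have placed there: a
# symlink or a pre-created file would let another local user redirect the
# writes or supply the content that is read back.
if ! TMPFILE=$(mktemp -q "$TMPDIR/rsbac_dialog.XXXXXX")
then
  # mktemp is missing or failed. The PID-based name is guessable, so it is
  # created exclusively: remove whatever sits at that path, then let
  # noclobber refuse to open anything that reappears. umask 077 gives the
  # file mode 600 from the moment it exists instead of a chmod afterwards.
  TMPFILE=$TMPDIR/rsbac_dialog.$$
  rm -f -- "$TMPFILE" 2>/dev/null
  if ! ( umask 077 ; set -o noclobber ; : > "$TMPFILE" ) 2>/dev/null \
     || test -L "$TMPFILE" || ! test -f "$TMPFILE"
  then
    echo "Cannot safely create temporary file $TMPFILE" >&2
    exit 1
  fi
fi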

# set this to rsbac bin dir, if not in path (trailing / is mandatory!)
#
#if test -z "$RSBACPATH" ; then RSBACPATH=./ ; fi

# set this to initial dir on script startup
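LASTDIR='/proc'

# Which dialog tool to use - dialog or kdialog or xdialog...
# $DIALOG (and $RSBACPATH, used as its prefix) come from the environment or
# the sourced settings files and decide which program this script executes,
# so they must only ever be set by the administrator running the menu.
# $DIALOG is run unquoted on purpose: the original script does the same, and
# a value carrying extra words keeps splitting the way it did before.
if test -z "$DIALOG"
then DIALOG=${RSBACPATH}dialog
fi
if ! $DIALOG --clear
then
  echo "$DIALOG menu program required!" >&2
  # Report the failure to the caller instead of exiting with echo's status.
  exit 1
fi
if ! $DIALOG --help 2>&1 | grep -q "help-button"
then
  echo "Newer dialog menu version >= 0.9a-20020309a with '--help-button' option" >&2
  echo "required, please use dialog from admin tools contrib dir or set" >&2
  echo "\$DIALOG to another dialog program, e.g. with rsbac_settings_menu!" >&2
  exit 1
fi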

set_geometry ()
{
        # $1 = terminal rows, $2 = terminal columns; a missing or zero value
        # falls back to 24 rows / 80 columns.
        local rows=${1:-24} cols=${2:-80}
        if [ $rows = 0 ]; then rows=24; fi
        if [ $cols = 0 ]; then cols=80; fi
        export LINES=$rows COLUMNS=$cols
        # Box height/width and the longest menu list derived from that size.
        BL=$((rows-4))
        BC=$((cols-5))
        MAXLINES=$((rows-10))
}

# Size the dialogs from the controlling terminal; when stty prints nothing
# (no terminal), set_geometry is called without arguments and uses its defaults.
set_geometry $(stty size 2>/dev/null)

gl ()
{
        # Print the requested list height $1, capped at $MAXLINES.
        local shown=$1
        test $1 -gt $MAXLINES && shown=$MAXLINES
        echo $shown
}
													
# Terminal size fallbacks, then the dialog box geometry derived from them.
# These assignments replace the values set_geometry computed above; note
# that the width here is COLUMNS-4 while set_geometry uses COLUMNS-5.
LINES=${LINES:-25}
COLUMNS=${COLUMNS:-80}
export LINES COLUMNS
# Integer attribute: the right-hand sides below are evaluated arithmetically.
declare -i BL BC MAXLINES
BL=$LINES-4
BC=$COLUMNS-4
MAXLINES=$LINES-10

# Window titles; BACKTITLE may be preset by the caller or the settings files.
BACKTITLE="${BACKTITLE:-RSBAC Administration Tools 1.3.6}"
TITLE="$(whoami)@$(hostname): RSBAC Network Device Administration"
HELPTITLE="$TITLE Help"
ERRTITLE="RSBAC Net Object Administration - ERROR"

## no changes below this line!

# RSBAC target type handled by this menu.
TYPE=NETDEV

# Show the help page for menu entry $1 in the language selected by
# $RSBACLANG: DE -> German, RU -> Russian, anything else -> English.
show_help () {
  local renderer=show_help_english
  if test "$RSBACLANG" = "DE"
  then renderer=show_help_german
  elif test "$RSBACLANG" = "RU"
  then renderer=show_help_russian
  fi
  $renderer "$1"
}

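# Write the English help text for menu entry $1 to $TMPFILE and page it in a
# dialog textbox.
# Globals read: TMPFILE, RSBACPATH, DIALOG, HELPTITLE, BACKTITLE, BL, BC
# Arguments:    $1 - menu entry label exactly as shown in the menu
# The 'RC Type:' and 'Log Array' pages append the output of
# "attr_get_net -A <attribute>" to the text.
show_help_english () {
 {
  echo "$1"
  echo ""
  case "$1" in
    Quit)
        echo "Quit this menu."
      ;;

    'NetDev List:')
      echo "Choose Network Device from list."
      ;;

    "NetDev Name:")
      echo "Enter Network Device name."
      ;;

    'RC Type:')
        echo "Select the RC model NETDEV type for this object."
        echo ""
        "${RSBACPATH}attr_get_net" -A rc_type
      ;;

    'Log Array Low:' | 'Log Array High:')
        echo "Choose object based logging levels for this object."
        echo ""
        "${RSBACPATH}attr_get_net" -A log_array_low
      ;;

    'ACL Menu:')
        echo "Go to ACL menu."
      ;;

    'Reset Attributes:')
        # Inside double quotes a backslash before ' is kept literally, so
        # the former \' showed up as \' on screen; plain quotes are correct.
        echo "Call 'attr_set_net -m' to get the attribute object for this object"
        echo "removed. As result, all attribute values will be reset to their"
        echo "default values. Use with care!"
      ;;

    *)
        echo "No help for $1 available!"
      ;;
  esac
 } > "$TMPFILE"
  # $DIALOG stays unquoted, as everywhere else in this script.
  $DIALOG --title "$HELPTITLE" \
          --backtitle "$BACKTITLE" \
          --textbox "$TMPFILE" "$BL" "$BC"
}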

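# Write the German help text for menu entry $1 to $TMPFILE and page it in a
# dialog textbox.
# Globals read: TMPFILE, RSBACPATH, DIALOG, HELPTITLE, BACKTITLE, BL, BC
# Arguments:    $1 - menu entry label exactly as shown in the menu
# NOTE(review): the umlauts were missing from these strings ("Men.", "Whle",
# "fr", ...); they are restored here as UTF-8 - confirm the encoding the
# target terminals expect.
show_help_german () {
 {
  echo "$1"
  echo ""
  case "$1" in
    Quit)
        echo "Beende dieses Menü."
      ;;

    'NetDev List:')
      echo "Wähle Netzwerk-Device aus einer Liste."
      ;;

    "NetDev Name:")
      echo "Netzwerk-Device-Namen eingeben."
      ;;

    'RC Type:')
        echo "Wähle RC-Typ für dieses Objekt."
        echo ""
        "${RSBACPATH}attr_get_net" -A rc_type
      ;;

    'Log Array Low:' | 'Log Array High:')
        echo "Wähle objektabhängige Logging-Stufen für dieses Objekt."
        echo ""
        "${RSBACPATH}attr_get_net" -A log_array_low
      ;;

    'ACL Menu:')
        echo "Gehe zum ACL-Menü."
      ;;

    'Reset Attributes:')
        # Inside double quotes a backslash before ' is kept literally, so
        # the former \' showed up as \' on screen; plain quotes are correct.
        echo "Rufe 'attr_set_net -m' auf, um die Attribut-Objekte für dieses"
        echo "Objekt zu entfernen. Als Ergebnis werden alle Attribute auf ihre"
        echo "Standardwerte zurückgesetzt. Mit Vorsicht verwenden!"
      ;;

    *)
        echo "No help for $1 available!"
      ;;
  esac
 } > "$TMPFILE"
  # $DIALOG stays unquoted, as everywhere else in this script.
  $DIALOG --title "$HELPTITLE" \
          --backtitle "$BACKTITLE" \
          --textbox "$TMPFILE" "$BL" "$BC"
}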

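# Write the help text for menu entry $1 to $TMPFILE and page it in a dialog
# textbox. This is the handler for RSBACLANG=RU, but every message in it is
# English text.
# Globals read: TMPFILE, RSBACPATH, DIALOG, HELPTITLE, BACKTITLE, BL, BC
# Arguments:    $1 - menu entry label exactly as shown in the menu
show_help_russian () {
 {
  echo "$1"
  echo ""
  case "$1" in
    Quit)
        echo "Quit this menu."
      ;;

    'NetDev List:')
      echo "Choose Network Device from list."
      ;;

    "NetDev Name:")
      echo "Enter Network Device name."
      ;;

    'RC Type:')
        echo "Select the RC model NETDEV type for this object."
        echo ""
        "${RSBACPATH}attr_get_net" -A rc_type
      ;;

    'Log Array Low:' | 'Log Array High:')
        echo "Choose object based logging levels for this object."
        echo ""
        "${RSBACPATH}attr_get_net" -A log_array_low
      ;;

    'ACL Menu:')
        echo "Go to ACL menu."
      ;;

    'Reset Attributes:')
        # Inside double quotes a backslash before ' is kept literally, so
        # the former \' showed up as \' on screen; plain quotes are correct.
        echo "Call 'attr_set_net -m' to get the attribute object for this object"
        echo "removed. As result, all attribute values will be reset to their"
        echo "default values. Use with care!"
      ;;

    *)
        echo "No help for $1 available!"
      ;;
  esac
 } > "$TMPFILE"
  # $DIALOG stays unquoted, as everywhere else in this script.
  $DIALOG --title "$HELPTITLE" \
          --backtitle "$BACKTITLE" \
          --textbox "$TMPFILE" "$BL" "$BC"
}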

# Refresh RCTYPE, LOGLOW and LOGHIGH for the device named in $OBJECT.
# Positional arguments are not used; the device always comes from $OBJECT.
# With an empty $OBJECT all three values are cleared. A value is only
# fetched when its module flag (SHOW_RC / SHOW_GEN) is "yes"; otherwise the
# variable keeps whatever it held before.
get_attributes () {
  if test -z "$OBJECT"
  then
    RCTYPE=""
    LOGLOW=""
    LOGHIGH=""
    return
  fi

  if test "$SHOW_RC" = "yes"
  then
    RCTYPE=$(${RSBACPATH}attr_get_net RC $TYPE rc_type $OBJECT)
  fi
  if test "$SHOW_GEN" = "yes"
  then
    LOGLOW=$(${RSBACPATH}attr_get_net GEN $TYPE log_array_low $OBJECT)
    LOGHIGH=$(${RSBACPATH}attr_get_net GEN $TYPE log_array_high $OBJECT)
  fi
}

# Print "on" when $1 and $2 are the same string, "off" otherwise
# (used for the pre-selected entry of a dialog radiolist).
onoff () {
   case "$1" in
     "$2") echo on ;;
     *)    echo off ;;
   esac
}

# Print "on" when $1 is exactly "1", "off" for anything else.
onoffb () {
   case "$1" in
     1) echo on ;;
     *) echo off ;;
   esac
}

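# Print the name of RC NETDEV type $1 as reported by rc_get_item.
# Globals read: TYPE, RSBACPATH
# Arguments:    $1 - RC type id
# Outputs:      a single blank when TYPE is NONE or $1 is empty,
#               "(unknown)" when rc_get_item fails, otherwise whatever
#               rc_get_item prints.
type_name () {
  # Two separate tests instead of "test ... -o ...": the combined form is
  # ambiguous when an operand looks like an operator.
  if test "$TYPE" = "NONE" || test -z "$1"
  then echo " "
  # The id is quoted so it always reaches rc_get_item as one argument.
  elif ! "${RSBACPATH}rc_get_item" TYPE "$1" type_netdev_name
  then echo "(unknown)"
  fi
}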

# Translate a raw attribute value into the text shown in the menus.
# Globals read: TYPE, RSBACPATH
# Arguments:    $1 - value kind: "rctype" or "loglevel"
#               $2 - raw value
# Outputs:      a single blank when TYPE is NONE, "N/A" for an empty value,
#               "ERROR!" for an unknown kind, otherwise the display name.
get_vname () {
  local kind=$1 value=$2
  local -a level_names=(None Denied Full Request)

  if test "$TYPE" = "NONE"
  then
    echo " "
    return
  fi
  if test -z "$value"
  then
    echo "N/A"
    return
  fi

  case $kind in
    rctype)
      case $value in
        # Values starting with "Error" or "Use" are shown as N/A rather
        # than being looked up as a type id.
        Error* | Use*)
          echo N/A
          ;;
        *)
          # Fall back to the raw id when rc_get_item cannot name it.
          ${RSBACPATH}rc_get_item TYPE $value type_netdev_name 2>/dev/null || echo $value
          ;;
      esac
      ;;
    loglevel)
      case $value in
        [0-3])
          echo ${level_names[$value]}
          ;;
        *)
          echo N/A
          ;;
      esac
      ;;
    *)
      echo ERROR!
      ;;
  esac
}

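# Rebuild ${TMPFILE}.2 with one "<request> <level name>" line per entry of
# $REQUESTS, for use as the item list of the log level menu.
# Globals read:    TMPFILE, REQUESTS, RSBACPATH, TYPE, OBJECT
# Globals written: i, TMP
# Returns:         1 when the list file cannot be created safely.
# NOTE(review): get_attributes passes a module name (GEN) before $TYPE to
# attr_get_net; the call below does not - confirm which form is expected.
gen_log_menu_items() {
  local list_file="${TMPFILE}.2"

  # The name is derived from $TMPFILE and therefore predictable to anyone
  # who can list the temp directory. Writing through it with a plain ">"
  # would follow a planted symlink, so remove whatever is there and create
  # the file exclusively (noclobber) with owner-only permissions.
  rm -f -- "$list_file"
  if ! ( umask 077 ; set -o noclobber ; : >"$list_file" ) 2>/dev/null
  then
    echo "Cannot safely create $list_file" >&2
    return 1
  fi

  for i in $REQUESTS
  do TMP=`$RSBACPATH""attr_get_net $TYPE log_array_low $i $OBJECT`
     echo $i `get_vname loglevel $TMP` >>"$list_file"
  done
}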

# Interactive editor for the per-request log levels of $OBJECT.
# Globals read:    RSBACPATH, TYPE, OBJECT, OBJNAME, DIALOG, TITLE, BACKTITLE,
#                  ERRTITLE, BL, BC, TMPFILE, RSBACLOGFILE
# Globals written: REQUESTS, REQ, VAL, TMP, LOGLOW, LOGHIGH
# Returns when the user picks "Quit" or the menu dialog exits non-zero; in
# both cases ${TMPFILE}.2 is removed and LOGLOW/LOGHIGH are re-read first.
# NOTE(review): get_attributes passes a module name (GEN) before $TYPE to
# attr_get_net; the calls in this function do not - confirm which is right.
# NOTE(review): OBJNAME is not assigned anywhere in the visible script.
log_menu () {
  # The request name list is fetched once and kept for later calls.
  if test -z "$REQUESTS"
    then REQUESTS=`$RSBACPATH""attr_get_net -n NETDEV`
  fi
  gen_log_menu_items
  # Request menu. `cat ${TMPFILE}.2` is expanded unquoted, so every
  # whitespace-separated word of the list file becomes one dialog argument;
  # the file must therefore hold exactly "name level" pairs. The selection
  # is read back from what dialog wrote to stderr.
  while true ; do \
    if ! \
    $DIALOG --title "$TITLE" \
           --backtitle "$BACKTITLE" \
           --default-item "$REQ" \
           --menu "$OBJECT / $OBJNAME: Log Levels for Requests" $BL $BC `gl 45` \
                `cat ${TMPFILE}.2` \
                "Quit" "" \
         2>$TMPFILE
     then rm ${TMPFILE}.2
          LOGLOW=`$RSBACPATH""attr_get_net $TYPE log_array_low $OBJECT`
          LOGHIGH=`$RSBACPATH""attr_get_net $TYPE log_array_high $OBJECT`
          return
    fi
    REQ=`cat $TMPFILE`
    case "$REQ" in
      Quit)
        rm ${TMPFILE}.2
        LOGLOW=`$RSBACPATH""attr_get_net $TYPE log_array_low $OBJECT`
        LOGHIGH=`$RSBACPATH""attr_get_net $TYPE log_array_high $OBJECT`
        return
        ;;
      *)
        # Current level name of the chosen request, looked up in the list
        # file. $REQ is used as part of a grep regular expression here and
        # is passed unquoted to attr_set_net below; it comes from the menu
        # entries built out of $REQUESTS.
        VAL=`grep "^$REQ " ${TMPFILE}.2|cut -f 2 -d ' '`
        # Radiolist of the four levels; the entry whose name equals $VAL is
        # pre-selected through onoff.
        if $DIALOG --title "$TITLE" \
                   --backtitle "$BACKTITLE" \
                   --radiolist "Choose Log Level for $OBJECT / $REQ" $BL $BC 5 \
                          0 `get_vname loglevel 0` `onoff None $VAL` \
                          1 `get_vname loglevel 1` `onoff Denied $VAL` \
                          2 `get_vname loglevel 2` `onoff Full $VAL` \
                          3 `get_vname loglevel 3` `onoff Request $VAL` \
          2>$TMPFILE
        then TMP=`cat $TMPFILE`
             # Apply the new level; stdout and stderr of attr_set_net go to
             # $TMPFILE so the first line can be shown if the call fails.
             if $RSBACPATH""attr_set_net $TYPE log_array_low $REQ $TMP $OBJECT &>$TMPFILE
             then
               # Successful changes are appended to the optional command log.
               if test -n "$RSBACLOGFILE"
               then
                 echo $RSBACPATH""attr_set_net $TYPE log_array_low $REQ $TMP $OBJECT >>"$RSBACLOGFILE"
               fi
               gen_log_menu_items
             else \
               $DIALOG --title "$ERRTITLE" \
                       --backtitle "$BACKTITLE" \
                       --msgbox "`head -n 1 $TMPFILE`" $BL $BC
             fi
        fi
    esac
done
}

# Print a short description for network device name $1, judged from the
# name alone: any name containing ":" is a virtual device, then lo, eth*,
# ppp* and ippp* are recognised; the unit suffix is taken from the name.
netdev_desc () {
    local dev=$1
    if [[ $dev == *:* ]]
    then
        echo "Virtual device"
    elif [[ $dev == lo ]]
    then
        echo "Loopback device"
    elif [[ $dev == eth* ]]
    then
        echo "Ethernet device ${dev:3}"
    elif [[ $dev == ppp* ]]
    then
        echo "PPP device ${dev:3}"
    elif [[ $dev == ippp* ]]
    then
        echo "ISDN PPP device ${dev:4}"
    else
        echo "Other device"
    fi
}

# Print one "<device> <description>" pair per interface listed in
# /proc/net/dev, with blanks in the description replaced by "_" so that
# each pair splits into exactly two words when used as dialog arguments.
# Globals written: TMP, i
list_netdev_names () {
  local label
  # Interface lines are the ones containing ":"; the name is what precedes it.
  TMP=$(sed -n 's/:.*//p' /proc/net/dev)
  for i in $TMP
  do
    label=$(netdev_desc $i)
    echo $i ${label// /_}
  done
}

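# Longest name that fits next to the other menu columns.
declare -i MAXNAMELEN=$BC-34

# Print $1, shortened to its last $MAXNAMELEN characters when it is longer.
# The previous cut-based range started one character too early and printed
# MAXNAMELEN+1 characters. A MAXNAMELEN of zero or less yields an empty line.
name_print () {
  if test ${#1} -gt $MAXNAMELEN
  then
    # Offset counted from the start: length minus the number of kept chars.
    printf '%s\n' "${1:${#1}-MAXNAMELEN}"
  else
    printf '%s\n' "$1"
  fi
}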

###################### Menu #################

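# Start-up: take the device from the first command line argument, otherwise
# let the user pick one from the list of known interfaces.
if test "$1" != ""
then OBJECT=$1
else
  # dialog --menu expects tag/description pairs after the three size
  # arguments, and list_netdev_names prints exactly such pairs. The stray
  # empty argument that used to precede them shifted every pair by one and
  # left an odd number of menu arguments, so it is gone (this now matches
  # the 'NetDev List:' call further down).
  if $DIALOG --title "$TITLE" \
             --backtitle "$BACKTITLE" \
             --menu "Network Device" $BL $BC $MAXLINES \
                    `list_netdev_names` \
    2>"$TMPFILE"
  then OBJECT=`cat "$TMPFILE"`
  fi
fi
# Mark the start of this session in the optional command log.
if test -n "$RSBACLOGFILE"
then
  {
    echo ""
    echo "# $0 start `date`"
  } >>"$RSBACLOGFILE"
fi
# get_attributes reads $OBJECT itself and ignores positional arguments.
get_attributes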

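  # Main menu. The function is defined directly instead of being written to
  # $TMPFILE as shell text and then sourced: generated text re-parsed $TITLE
  # and $DIALOG as code (a quote, "$" or backquote in either changed what
  # ran), and sourcing a file from the temp directory executes whatever
  # that file holds at that moment.
  # Globals read: DIALOG, TITLE, BACKTITLE, CHOICE, BL, BC, OBJECT, RCTYPE,
  #               LOGLOW, LOGHIGH, SHOW_RC, SHOW_GEN, SHOW_ACL
  # Outputs:      whatever $DIALOG writes; the caller captures stderr to
  #               learn the selected entry.
  # Returns:      the exit status of $DIALOG.
  netdev_menu ()
  {
    local -a items
    items=( "NetDev List:" "Choose from list of known devices"
            "NetDev Name:" "$OBJECT / `netdev_desc $OBJECT`"
            "----------------" " " )
    # Attribute entries appear only for the modules enabled via SHOW_*.
    if test "$SHOW_RC" = "yes"
    then
      items=( "${items[@]}" "RC Type:" "$RCTYPE / `get_vname rctype $RCTYPE`" )
    fi
    if test "$SHOW_GEN" = "yes"
    then
      items=( "${items[@]}" "Log Array Low:" "$LOGLOW"
              "Log Array High:" "$LOGHIGH" )
    fi
    items=( "${items[@]}" "----------------" " " )
    if test "$SHOW_ACL" = "yes"
    then
      items=( "${items[@]}" "ACL Menu:" "Go to ACL menu" )
    fi
    items=( "${items[@]}"
            "Reset Attributes:" "Reset all values to default values"
            "Quit" "" )

    # $DIALOG stays unquoted, as everywhere else in this script.
    $DIALOG --title "$TITLE" \
       --backtitle "$BACKTITLE" \
       --help-button --default-item "$CHOICE" \
       --menu "Main NETTEMP Menu" $BL $BC `gl 10` \
       "${items[@]}"
  }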

#cp $TMPFILE /tmp/menu

# Main event loop: show the main menu, read the selected entry back from
# $TMPFILE and dispatch on its label until the user quits.
# - Every dialog call sends its answer to stderr, which is redirected into
#   $TMPFILE and read back with cat.
# - attr_set_net is run with stdout and stderr captured in $TMPFILE so the
#   first line of its output can be shown in an error box when it fails.
# - Successful attr_set_net command lines are appended to $RSBACLOGFILE
#   when that variable is set.
# - $OBJECT and the values read back from $TMPFILE are passed unquoted to
#   the RSBAC tools, so a value containing blanks or a leading "-" reaches
#   them as several words or as an option.
# NOTE(review): TYPE is set to NETDEV earlier in this file and nothing
# visible changes it, so the "No object specified!" branches look
# unreachable - confirm.
# NOTE(review): OBJNAME is not assigned anywhere in the visible script.
while true
  do
    # A non-zero status from the menu ends the script after removing the
    # scratch file.
    if ! netdev_menu 2>$TMPFILE
     then rm $TMPFILE ; exit
    fi


  CHOICE=`cat $TMPFILE`
  case "$CHOICE" in
    # Help button: the answer starts with "HELP"; the first five characters
    # are cut off to get the entry label, which also becomes the default
    # item of the next menu round.
    HELP*)
        show_help "${CHOICE:5}"
        CHOICE="${CHOICE:5}"
      ;;
    # Pick another device from the interface list and reload its attributes.
    'NetDev List:')
        if $DIALOG --title "$TITLE" \
                   --backtitle "$BACKTITLE" \
                   --default-item "$OBJECT" \
                   --menu "Network Template" $BL $BC $MAXLINES \
                         `list_netdev_names` \
           2>$TMPFILE
        then OBJECT=`cat $TMPFILE`
             get_attributes
        fi
      ;;

    # Type a device name by hand (input limited to 16 characters by dialog).
    # $OBJECT is the unquoted initial value: when it is empty the argument
    # disappears altogether.
    "NetDev Name:")
        if $DIALOG --title "$TITLE" \
                  --backtitle "$BACKTITLE" \
                  --max-input 16 \
                  --inputbox "Network Device Name (maxlen = 16):" $BL $BC $OBJECT \
           2>$TMPFILE
        then OBJECT=`cat $TMPFILE`
             get_attributes
        fi
      ;;

    # Change the RC type. When rc_get_item can list the NETDEV types, the
    # list is written to $TMPFILE and offered as a menu; otherwise the type
    # id is asked for in an input box. In the menu call `cat $TMPFILE`
    # supplies the items while the same command redirects stderr into
    # $TMPFILE: this relies on bash expanding the command words before it
    # performs the redirection.
    'RC Type:')
        if test "$TYPE" != "NONE"
        then \
          if $RSBACPATH""rc_get_item list_netdev_types >$TMPFILE
          then \
            if $DIALOG --title "$TITLE" \
                      --backtitle "$BACKTITLE" \
                      --default-item "$RCTYPE" \
                      --menu "Choose RC Type for $OBJECT / $OBJNAME" $BL $BC $MAXLINES \
                      `cat $TMPFILE` \
               2>$TMPFILE
            then TMP=`cat $TMPFILE`
              # RCTYPE is only updated once attr_set_net accepted the value.
              if $RSBACPATH""attr_set_net $TYPE rc_type $TMP $OBJECT &>$TMPFILE
              then
                RCTYPE=$TMP
                if test -n "$RSBACLOGFILE"
                then
                  echo $RSBACPATH""attr_set_net $TYPE rc_type $TMP $OBJECT >>"$RSBACLOGFILE"
                fi
              else \
                $DIALOG --title "$ERRTITLE" \
                        --backtitle "$BACKTITLE" \
                        --msgbox "`head -n 1 $TMPFILE`" $BL $BC
              fi
            fi
          else \
            if $DIALOG --title "$TITLE" \
                      --backtitle "$BACKTITLE" \
                      --inputbox "RC Type (integer) for $OBJECT / $OBJNAME" \
                                 $BL $BC "$RCTYPE" \
                2>$TMPFILE
            then TMP=`cat $TMPFILE`
                 # Same apply/log/error handling as in the menu variant.
                 if $RSBACPATH""attr_set_net $TYPE rc_type $TMP $OBJECT &>$TMPFILE
                 then
                   RCTYPE=$TMP
                   if test -n "$RSBACLOGFILE"
                   then
                     echo $RSBACPATH""attr_set_net $TYPE rc_type $TMP $OBJECT >>"$RSBACLOGFILE"
                   fi
                 else \
                   $DIALOG --title "$ERRTITLE" \
                          --backtitle "$BACKTITLE" \
                          --msgbox "`head -n 1 $TMPFILE`" $BL $BC
                 fi
            fi
          fi
        else
                 $DIALOG --title "$ERRTITLE" \
                        --backtitle "$BACKTITLE" \
                        --msgbox "RC Type: No object specified!" 5 $BC
        fi
      ;;

    # Both log array entries open the same per-request log level editor.
    'Log Array Low:')
        if test "$TYPE" != "NONE"
        then \
          log_menu
        else
                 $DIALOG --title "$ERRTITLE" \
                        --backtitle "$BACKTITLE" \
                        --msgbox "Log Array Low: No object specified!" 5 $BC
        fi
      ;;

    'Log Array High:')
        if test "$TYPE" != "NONE"
        then \
          log_menu
        else
                 $DIALOG --title "$ERRTITLE" \
                        --backtitle "$BACKTITLE" \
                        --msgbox "Log Array High: No object specified!" 5 $BC
        fi
      ;;

    # Hand over to the separate ACL menu script for this device.
    'ACL Menu:')
        $RSBACPATH""rsbac_acl_menu NETDEV "$OBJECT"
      ;;

    # After a yes/no confirmation, run "attr_set_net -m" for the device and
    # reload the displayed values.
    'Reset Attributes:')
        if test "$TYPE" != "NONE"
        then \
          if $DIALOG --title "$TITLE" \
                    --backtitle "$BACKTITLE" \
                    --yesno "Reset all attributes to default values?" 5 $BC \
             2>/dev/null
          then
            if $RSBACPATH""attr_set_net -m NETDEV "$OBJECT" &>$TMPFILE
            then
              get_attributes
              if test -n "$RSBACLOGFILE"
              then
                echo $RSBACPATH""attr_set_net -m NETDEV \"$OBJECT\" >>"$RSBACLOGFILE"
              fi
            else \
              $DIALOG --title "$ERRTITLE" \
                     --backtitle "$BACKTITLE" \
                     --msgbox "`head -n 1 $TMPFILE`" $BL $BC
            fi
          fi
        else
                 $DIALOG --title "$ERRTITLE" \
                        --backtitle "$BACKTITLE" \
                        --msgbox "Reset Attributes: No object specified!" 5 $BC
        fi
      ;;

    # Leave the menu; the scratch file is removed first.
    Quit)
        rm $TMPFILE ; exit
      ;;

    # Any other answer (including the separator rows of the menu) ends up
    # here.
    *)
        $DIALOG --title "$ERRTITLE" \
               --backtitle "$BACKTITLE" \
               --msgbox "Main Menu: Selection Error!" 5 $BC
  esac
# sleep 2
done
