## -*- mode: shell-script; -*- 
##
## To be able to make changes to the part of configuration created
## from this configlet you need to copy this file to the directory
## fwbuilder/configlets/bsd/ in your home directory and modify it.
## Double "##" comments are removed during processing but single "#"
## comments are be retained and appear in the generated script. Empty
## lines are removed as well.  
##
## Configlets support simple macro language with these constructs:
## {{$var}} is variable expansion
## {{if var}} is conditional operator.
##
############ CARP interfaces ############################################
##


## This function synchronizes carp interfaces between fwbuilder objects
## and actual configuration of the firewall machine. Carp interfaces not
## listed as arguments will be deleted and those in the arguments will be
## created if missing.
##
## This function only executes "ifconfig carp0 create" or "ifconfig carp0 destroy"
## commands. Other parameters of carp interfaces should be set up separately
## (see configlet carp_interface for that)
##
## sync_carp_interfaces carp0 carp1

sync_carp_interfaces() {
    $IFCONFIG {{if openbsd}}-A{{endif}} | awk -v IGNORED="$*" \
        'BEGIN {
           split(IGNORED,ignored_arr);
           for (a in ignored_arr) {ii=ignored_arr[a]":"; ignored_dict[ii]=1;}
         }
         ($1 ~ /^carp[0-9]/ && !($1 in ignored_dict)) {print $1;}' | sed 's/://' |\
         while read intf; do
            echo "# Deleting carp interface $intf"
             $FWBDEBUG $IFCONFIG $intf destroy
         done

    for intf in $*; do
        $IFCONFIG $intf >/dev/null 2>&1 || {
            echo "# Creating carp interface $intf"
            $SYSCTL -w net.inet.carp.allow=1
            $FWBDEBUG $IFCONFIG $intf create || {
                echo "Error: CARP interface $intf could not be created. Does the kernel have CARP enabled?"
                exit 1
            }
        }
    done
}
