#!/bin/bash

# Do not edit this file, use ip-up.local instead.

# (C) 1997-2004 SuSE Linux AG, Nuernberg, Germany
# Klaus Franken 25.02.1998
# Remo Behn 18.07.1998
# Arvin Schnell 28.02.2002
# Ludwig Nussel 26.02.2004
# Send suggestions and comments to http://www.suse.de/feedback/

unset POSIXLY_CORRECT ; set +o posix # we're using non-posix bash features

BASENAME=${0##*/}
INTERFACE=$1
DEVICE=$2
SPEED=$3
LOCALIP=$4
REMOTEIP=$5
IPPARAM=$6

# send all output to syslog
exec > >(logger -p security.notice -t "$BASENAME") 2>&1

if [ -z "$REMOTEIP" ]; then
    echo "Usage: $0 <INTERFACE> <DEVICE> <SPEED> <LOCALIP> <REMOTEIP>"
    exit 1
fi

TERM=raw
export TERM

# smpppd-1.14 passes two single quoted paramters in $IPPARAM. The first one is
# the ifcfg filename, the second the provider.
parse_ipparam()
{
	case "$IPPARAM" in
		\'ifcfg-*) ;;
		*) return ;;
	esac
	eval set -- $IPPARAM
	[ "$#" -ne 2 ] && return
	
	ifcfg=${1##ifcfg-}
	provider=$2

	export ifcfg provider
}

# Automatic configuration of your nameserver config for peer supplied DNS
# and WINS servers when using the 'usepeerdns' option ('ms-get-dns' for
# ipppd) according to the modify policy in netconfig.
# The modifications are restored by netconfig when ip-down is called by
# pppd when the link goes down.
add_nameservers()
{
	{
		echo "INTERFACE='$INTERFACE'"
		echo "IPADDR='$LOCALIP'"
		echo "PTPADDR='$REMOTEIP'"
		#if [ "x$MODIFYDNS" = xyes ] ; then
			dnsservers=()
			if   [ "x$DNS1" != x -o "x$DNS2" != x ] ; then
				dnsservers=($DNS1 $DNS2)
			elif [ "x$MS_DNS1" != x -o "x$MS_DNS2" != x ] ; then
				dnsservers=($MS_DNS1 $MS_DNS2)
			elif [ -f /etc/sysconfig/network/providers/"$provider" ]; then
				dnsservers=(`. /etc/sysconfig/network/providers/"$provider"; test \$MODIFYDNS = yes && echo \$DNS1 \$DNS2`)
			fi
			echo "DNSSERVERS='${dnsservers[@]}'"
		#fi
		#if [ -n "x$MODIFYWINS" = xyes ] ; then
			winsservers=()
			if [ "x$MS_WINS1" != x -o "x$MS_WINS2" != x ] ; then
				winsservers=($MS_WINS1 $MS_WINS2)
			fi
			echo "NETBIOSNAMESERVER='${winsservers[@]}'"
		#fi
	} | /sbin/netconfig modify -s pppd -i "$INTERFACE"
}
restore_nameservers()
{
	# DoD. Keep assigned DNS servers
	if [ -f /etc/sysconfig/network/providers/"$provider" ]; then
		noremove=(`
			. /etc/sysconfig/network/providers/"$provider"
			if [ \$MODIFYDNS = yes -a \$DEMAND = yes ]; then
				echo 1
			fi
			`)
		test -z "$noremove" || return
	fi
	/sbin/netconfig remove -s pppd -i "$INTERFACE"
}

# using this function currently breaks Dial On Demand setups, because
# ifdown finally removes the device so the function calls are disabled
# now (bug #39048)
# run ifdown script to execute additional scripts
run_ifdown()
{
	[ -z "$ifcfg" -o -z "$INTERFACE" ] && return
	 /sbin/ifdown $ifcfg $INTERFACE -o dhcp 2>&1 | logger -t ifdown
}

# run ifup script to execute additional scripts
run_ifup()
{
	[ -z "$ifcfg" -o -z "$INTERFACE" ] && return
	 /sbin/ifup $ifcfg $INTERFACE -o dhcp 2>&1 | logger -t ifup
}

# start SuSEfirewall2 if configured
# TODO: let ifup/ifdown handle this
start_firewall()
{
	test "$FIREWALL" = "no" && return

	if test -x /etc/sysconfig/network/scripts/firewall ; then
		/etc/sysconfig/network/scripts/firewall try-restart
	fi
}

# /etc/ppp/poll.tcpip as shipped is able to set the system clock using
# ntpdate (see the NTPD_INITIAL_NTPDATE setting in
# /etc/sysconfig/ntp). It supports fetchmail with a system-wide
# /etc/fetchmailrc and can use UUCP to fetch mail over TCP/IP, provided
# that UUCP is configured properly. Last not least it also calls
# sendmail to send any queued mail
run_poll_tcpip()
{
	[ "$RUN_POLL_TCPIP" != "yes" ] && return

	/etc/ppp/poll.tcpip | logger -p security.notice -t poll.tcpip > /dev/null &
}

# run ip-up/ip-down scripts
# $1 = basename
run_scripts()
{
	name="$1" ; shift
	[ -n "$name" ] || return

	if test -x /etc/ppp/$name.local ; then
	    /etc/ppp/$name.local "$@" | logger -p security.notice -t $name.local > /dev/null &
	fi


	if [ -d /etc/ppp/$name.d ]; then
		for SCRIPT in /etc/ppp/$name.d/*; do
			[ -d $SCRIPT -o ! -x $SCRIPT ] && continue;
			# ignore backup files and leftovers from rpm
			case $SCRIPT in
			    *.rpmsave|*.rpmnew|*rpmorig|*~) continue ;;
			esac
			$SCRIPT "$@" | logger -p security.notice -t $SCRIPT > /dev/null &
		done
	fi
}

isdn_restartinterface()
{
	[ -z "$isdn" ] && return;

	LINK_OPT=""
	test "$DYNAMICIP" = "yes" && LINK_OPT="$LINK_OPT dynamic on"
	/sbin/ip addr flush dev $INTERFACE
	/sbin/ip link set $INTERFACE down
	/sbin/ip link set $INTERFACE up $LINK_OPT
	/sbin/ip addr add dev $INTERFACE local $IPADDR peer $PTPADDR

	# set routes from /etc/sysconfig/network/routes (only for dod)
	if [ "$DIALMODE" = "auto" ] ; then
	    /etc/sysconfig/network/scripts/ifup-route $INTERFACE
	fi
}


parse_ipparam


isdn="" # non-zero if called by ipppd
case "$INTERFACE" in
    ippp*)
	[ -z "$ifcfg" ] && ifcfg="$INTERFACE"
	isdn=yes
	;;
    *)
	;;
esac

#########
# TODO: let ifup/ifdown handle this

# config file common to all interfaces, needed for global firewall setting
. /etc/sysconfig/network/config

# interface specific config file if any
if [ -n "$ifcfg" -a -r /etc/sysconfig/network/ifcfg-"$ifcfg" ]; then
    . /etc/sysconfig/network/ifcfg-"$ifcfg"
fi

#########

case "$BASENAME" in
    *-up)
	add_nameservers
	
	start_firewall

	if [ ${BASENAME%-*} = "ip" ]; then
		# ip_resend hook
		test "$IP_RESEND" = "yes" -a -x /usr/sbin/ip_resend_wakeup && \
		    /usr/sbin/ip_resend_wakeup -m $LOCALIP -o $INTERFACE

		run_poll_tcpip
	fi

	# run additional scripts
	run_scripts $BASENAME "$@"

	#run_ifup

	;;
    *-down)

	restore_nameservers

	isdn_restartinterface
	
	start_firewall

	if [ ${BASENAME%-*} = "ip" ]; then
		# ip_resend hook
		test "$IP_RESEND" = "yes" -a -x /usr/sbin/ip_resend && \
		    /usr/sbin/ip_resend -o $INTERFACE $IP_RESEND_PARAMETER
	fi

	# run additional scripts
	run_scripts $BASENAME "$@"

	#run_ifdown

	;;
esac
