#!/bin/bash
#
# cool solutions 2006 ; a fragment of 2004's
#

DEC=$1

DIR=`dirname $0`
cd $DIR

CONFIG=/ips/setup/.config

. $CONFIG


if [ "$QOS_BRIDGE" = "1" ]; then
   REJECT=DROP
else
   REJECT=REJECT
fi

# 18.09.2007
export LEV_LANDEV=1

. /ips/ip2/.functions

if [ "$ANYIP" = "" ]; then
    ANYIP=`cat /ips/ip2/IP1 2> /dev/null`
    ANYDEV=`cat /ips/ip2/DEV1 2> /dev/null`
fi 

HTML=

ME=`basename $0`

IP2=ip2

IPS=ips

AMIP=1
 

umask 000

cd "/ips/ips"

IPTABLES=/ips/iptables
#TFAXC=$IPSS/tfxc


   #################################################################

noip() {

IP=$1

if [ "$DOIT2" != "1" ]; then

# delete REJECT 
$IPTABLES -D FORWARD -s $IP  -j $REJECT 2> /dev/null
$IPTABLES -D FORWARD -d $IP  -j $REJECT 2> /dev/null

fi

# insert REJECT
$IPTABLES -I FORWARD -s $IP  -j $REJECT 2> /dev/null
$IPTABLES -I FORWARD -d $IP  -j $REJECT 2> /dev/null


}

yesip() {

IP=$1

if [ "$DOIT2" != "1" ]; then

# delete REJECT
$IPTABLES -D FORWARD -s $IP  -j $REJECT 2> /dev/null
$IPTABLES -D FORWARD -d $IP  -j $REJECT 2> /dev/null

fi

}

   #################################################################


no() {

  IP=$1
  noip $IP

}

yes() {

  IP=$1
  yesip $IP
  
}

if [ "$DEC" = "--init"  ]; then
   DOIT2=1
else
   DOIT2=
fi


if [ "$DEC" != "" -a  "$DEC" = "--html-doit"  ]; then

IP=$2
OPE=$3

I=`echo $IP | cut -f4-4 -d "."`

maybeali $I
   if [ "$ALIIP" != ""  ]; then
      # nr > 254 can be a computer with IP ALIP
      IP="$ALIIP" 
   fi


HTML=1


   if [ "$OPE" = "1" ]; then 

      # stop
      no $IP  

      #rm -f $I 2> /dev/null > /dev/null 
      mv -f $I $I-n 2> /dev/null > /dev/null 
      
      # individual script off
      if [ -f /ips/off/$I ]; then
              /ips/off/$I $IP
      fi

   elif [ "$OPE" = "2" ]; then 

      # no limit
      echo '*' > $I 
      yes $IP 

      rm -f $I-n 2> /dev/null > /dev/null 

      # individual script on
      if [ -f /ips/on/$I ]; then
              /ips/on/$I $IP
      fi
      

    fi 

   exit

fi


if [ "$DEC" != "" -a "$DEC" = "--init"  ]; then

# 1.10.5-1 
#CL=$[ I >= 255 ]
#if [ "$CL" = "1" ]; then
#   continue
#fi


#export LEV_LANDEV=1

for I in $ALL ; do

IP=$SUBNET$I

# 1.10.9 
ALIIP=
maybeali $I
   if [ "$ALIIP" != ""  ]; then

      # nr > 254 can be a computer with IP ALIP
      IP="$ALIIP" 

   else

      if [ "$I" = "$ADR" ]; then
        continue
      fi   


      Z=$[ I > 254 ]
      if [ "$Z" = "1" ]; then
        continue
      fi   
      if [ -f /ips/gro/c-$I ]; then
      # class
        continue
      fi
      if [ -f /ips/gro/s-$I ]; then
      # class
        continue
      fi
  
   fi



# olek if [ -f  "$IP" ]; then
if [ -f  "$I" ]; then

      X=`cat $I`
      if [ "$X" = "*" ]; then
         echo " enabling $IP"
         yes $IP 
      else
         echo disabling $IP
         no $IP
      fi
else
      echo disabling $IP
      no $IP 
fi

done

exit 

fi

echo "nothing done"



