#!/bin/sh
#
# APF 0.9.6 [apf@r-fx.org]
###
# Copyright (C) 1999-2004, R-fx Networks <proj@r-fx.org>
# Copyright (C) 2004, Ryan MacDonald <ryan@r-fx.org>
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program; if not, write to the Free Software
#    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
###
#
# Release string shown in the banner printed by head().
VER='0.9.6'
# Absolute path of the main configuration file sourced at startup.
CNF='/etc/apf/conf.apf'

# Print the APF version / copyright banner, followed by one blank line, to
# stdout.
# Globals: VER (read)
# NOTE: because this function is named "head", any later call to `head` in
# this shell resolves to it rather than to the head(1) utility.
head() {
  printf '%s\n' \
    "APF version $VER <apf@r-fx.org>" \
    "Copyright (C) 1999-2004, R-fx Networks <proj@r-fx.org>" \
    "Copyright (C) 2004, Ryan MacDonald <ryan@r-fx.org>" \
    "This program may be freely redistributed under the terms of the GNU GPL" \
    ""
}

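# Load the main configuration, or print the banner and abort if it is missing.
#
# The file is executed (not parsed) inside this shell, so it runs with this
# script's privileges - typically root for a firewall tool. Treat it as code:
# keep it owned by root and not writable by group or others.
#
# The script declares #!/bin/sh, so only POSIX constructs are used here:
# "==" inside [ ] and the "source" builtin are bash extensions, and a strict
# /bin/sh can reject them, which would send an existing config down the
# "not found" branch.
if [ -n "$CNF" ] && [ -f "$CNF" ]; then
   # Quoted so a path with spaces or glob characters is loaded as one file.
   . "$CNF"
else
   head
   echo "\$CNF not found, aborting."
   exit 1
fi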

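# Create the status log on first run, readable and writable by its owner only.
# Globals: LOG_APF (read; expected to come from the sourced configuration)
# Calls:   eout (defined outside this block)
#
# An empty LOG_APF is skipped, as the unquoted original test effectively did.
# NOTE(review): -f and touch both follow symbolic links, so the directory
# holding the log should be writable only by the account that runs APF.
if [ -n "$LOG_APF" ] && [ ! -f "$LOG_APF" ]; then
        # Create the file under a restrictive umask (scoped to a subshell) so
        # it never exists with wider permissions between touch and chmod.
        ( umask 077 && touch -- "$LOG_APF" )
        chmod 600 -- "$LOG_APF"
        eout "status log not found, created"
fi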

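#######################################
# Bring the firewall up: make sure the host-list files exist, generate the
# vnet rules, run the main firewall script, then start bandmin unless the
# 1-minute load average is above 10.
# Globals:   INSTALL_PATH, DS_HOSTS, DENY_HOSTS, ALLOW_HOSTS (read)
#            LOAD (written)
# Calls:     eout, bandmin (both defined outside this block)
# Returns:   1 when INSTALL_PATH is empty, otherwise the status of the
#            final eout call
#######################################
start() {
	# With an empty INSTALL_PATH the commands below would resolve to
	# /vnet/vnetgen and /firewall at the filesystem root; refuse instead of
	# executing whatever happens to live there.
	if [ -z "$INSTALL_PATH" ]; then
		eout "INSTALL_PATH is not set, firewall not started"
		return 1
	fi

	eout "activating firewall"

	# Host-list files are created owner-only. The umask is applied in a
	# subshell so a new file never exists with wider permissions, and every
	# expansion is quoted so a path containing whitespace is one argument.
	for _apf_list in "$DS_HOSTS" "$DENY_HOSTS" "$ALLOW_HOSTS"; do
		# An unset list path is skipped rather than passed to touch/chmod.
		[ -n "$_apf_list" ] || continue
		if [ ! -f "$_apf_list" ]; then
			( umask 077 && touch -- "$_apf_list" )
			chmod 600 -- "$_apf_list"
		fi
	done

	# generate vnet rules
	"$INSTALL_PATH/vnet/vnetgen"
	# start main firewall script
	# NOTE(review): the exit status of this script is not checked, so the
	# "firewall initalized" entry below is logged even if rule loading
	# failed - confirm what status the firewall script returns before
	# acting on it here.
	"$INSTALL_PATH/firewall"

	# check for/load bandmin: LOAD is the integer part of the 1-minute load
	# average (the text before the first "." in /proc/loadavg).
	LOAD=$(awk -F. '{print $1; exit}' /proc/loadavg 2>/dev/null)
	case "$LOAD" in
	'' | *[!0-9]*)
		# Load could not be read as an integer: bandmin is skipped, which
		# is also what the original numeric test ended up doing.
		;;
	*)
		if [ "$LOAD" -le 10 ]; then
			bandmin
		fi
		;;
	esac

	eout "firewall initalized"
}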

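# Command-line dispatch: $1 selects the action, $2/$3 are its operands.
# Every handler except head (flush, list, status, a_cli_tr, d_cli_tr, unban,
# ovars, help, eout) is defined outside this block.
# The script exits 0 whichever branch runs, including the usage branch.
case "$1" in
-s|--start)
	start
	;;
-f|--flush|--stop)
	flush
	;;
-l|--list)
	list
	;;
-t|-st|--status)
	status
	;;
-r|--restart)
	# Re-run this script for each phase; "$0" is quoted so an install path
	# containing whitespace is still executed as a single command word.
	"$0" --flush
	"$0" --start
	;;
-a|--allow)
	# ${N:+"$N"} expands to the quoted operand when it is non-empty and to
	# nothing otherwise: the handler sees the same argument count as with
	# the original unquoted form, but whitespace or glob characters in an
	# operand can no longer split it or expand against the current directory.
	# NOTE(review): whether a_cli_tr validates the host string is not
	# visible from here.
	a_cli_tr ${2:+"$2"} ${3:+"$3"}
	;;
-d|--deny)
	# Same quoting rationale as --allow.
	d_cli_tr ${2:+"$2"} ${3:+"$3"}
	;;
-u|--unban)
	if [ -z "$2" ]; then
		# No host given: show usage instead of logging a removal of "".
		head
		help
	else
		# NOTE(review): unban's output and exit status are discarded, so
		# the two messages below are emitted even if nothing was removed -
		# confirm unban's return convention before relying on this entry
		# as an audit record.
		unban "$2" >> /dev/null 2>&1
		eout "{delete} deny all to/from $2"
		# printf, not echo: the operand is caller-supplied and some
		# /bin/sh echo builtins interpret backslash sequences.
		printf '%s\n' "Deleted from firewall: Deny all to/from $2"
	fi
	;;
-o|--ovars)
	head
	ovars
	;;
*)
	head
	help
	;;
esac

exit 0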
