#!/bin/sh

alterator_api_version=1
. alterator-sh-functions
. alterator-net-functions
po_domain="alterator-net-iptables"

on_message()
{
  case "$in_action" in
    list)
      set_locale
      case "$in__objects" in
        our_ips)
          ip addr show |\
            sed -n -e '/ lo$/! s/^[[:space:]]*inet[[:space:]]\+\([0-9\.]\+\).* \([^[:space:]]\+\)$/\1 \1 (\2)/p'|\
            write_enum
        ;;
        rules)
          local key val
          iptables_helper dnat list |
            while read key val; do
              local proto="${key%%:*}"
              local key="${key#$proto:}"
              local ip1="${key%%:*}"
              local p1="${key#$ip1:}"
              local ip2="${val%%:*}"
              local p2="${val#$ip2:}"
              printf "$proto:$ip1:$p1 `_ "Forward %s packets for %s:%s to %s:%s"`\n"\
                "$proto" "$ip1" "$p1" "$ip2" "$p2"
            done | write_enum
        ;;
        protocols)
          write_enum_item "tcp" "TCP"
          write_enum_item "udp" "UDP"
        ;;
      esac
    ;;

    read)
      write_bool_param status "$(iptables_helper dnat status)"
      write_string_param commit_mode "$(iptables_helper show -c)"
      write_string_param rule "${rule:-$(iptables_helper dnat list | head -n1 | cut -f1)}"
    ;;

    add)
      set_locale
      local ans="$(iptables_helper dnat add \
                    "$in_proto:$in_ip1:$in_p1 $in_ip2:$in_p2"  2>&1)"
      [ -z "$ans" ] || write_error "${ans#iptables_helper*:}"
      rule="$in_proto:$in_ip1:$in_p1"
    ;;

    del)
      [ -n "$in_rule" ] || return
      set_locale
      local ans="$(iptables_helper dnat del "$in_rule"  2>&1)"
      [ -z "$ans" ] || write_error "${ans#iptables_helper*:}"
      rule=
    ;;

    switch)
      set_locale
      local status
      if [ "$in_status" = "#t" ]; then
        local ans="$(iptables_helper dnat on  2>&1)"
        [ -z "$ans" ] || write_error "${ans#iptables_helper*:}"
      else
        local ans="$(iptables_helper dnat off  2>&1)"
        [ -z "$ans" ] || write_error "${ans#iptables_helper*:}"
      fi
    ;;

  esac
}

message_loop
