#!/bin/sh

alterator_api_version=1
. alterator-sh-functions
. alterator-net-functions
po_domain="alterator-net-iptables"

on_message()
{
  case "$in_action" in
    list)
      set_locale
      case "$in__objects" in
        our_ips)
          ip addr show |\
            sed -n -e '/ lo$/! s/^[[:space:]]*inet[[:space:]]\+\([0-9\.]\+\).* \([^[:space:]]\+\)$/\1 \1 (\2)/p'|\
            write_enum
        ;;
        rules)
          for rule in $(iptables_helper show -D); do
            echo "$rule" |\
            while IFS=":" read proto ip1 p1 ip2 p2; do
              printf "$rule `_ "Forward %s packets for %s:%s to %s:%s"`\n"\
                "$proto" "$ip1" "$p1" "$ip2" "$p2"
            done
          done | write_enum
        ;;
        protocols)
          write_enum_item "tcp" "TCP"
          write_enum_item "udp" "UDP"
        ;;
      esac
    ;;
    write)
      set_locale
      if [ -n "$in_add" ]; then
        local ans="$(iptables_helper write \
          -D "+$in_proto:$in_ip1:$in_p1:$in_ip2:$in_p2"  2>&1)"
        [ -z "$ans" ] || write_error "${ans#iptables_helper*:}"
      elif [ -n "$in_del" ]; then
        local ans="$(iptables_helper write \
          -D "-$in_rule"  2>&1)"
      fi
      [ -z "$ans" ] || write_error "$ans"
    ;;
  esac
}

message_loop
