#!/bin/bash
#Copyright 2003 William Stearns <wstearns@pobox.com>
#Released under the GPL.

# Module identity.  $Me doubles as the iptables chain name and as the stem of
# the per-module config file (/etc/firebricks/$Me.conf).
Me="histogram"
# Reported by the "version" task.
MyVersion="0.3.4"
# Not referenced again in this file; presumably read by firebrickslib - confirm.
DefaultActions="NONE"

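# The config files and the shared library are *sourced*, i.e. executed as shell
# code with this script's privileges (presumably root, since the module drives
# iptables).  Keep these files and their parent directories writable by root
# only.  FBLibDir is honoured from the environment or from the .conf files, so
# the library path is only as trustworthy as whoever controls those.
[ -r /etc/firebricks/firebricks.conf ] &&			. /etc/firebricks/firebricks.conf
[ -r "/etc/firebricks/$Me.conf" ] &&				. "/etc/firebricks/$Me.conf"
# Quoted so that a library directory containing whitespace still resolves
# instead of breaking the [ -r ... ] test.
[ -r "${FBLibDir:-/usr/lib/firebricks/}/firebrickslib" ] &&	. "${FBLibDir:-/usr/lib/firebricks/}/firebrickslib"
# An empty FBLibVer is taken to mean the library never loaded.
# NOTE(review): an FBLibVer inherited from the environment would satisfy this
# check even when the library file was not readable.
if [ -z "$FBLibVer" ]; then
	echo 'It looks like firebrickslib was not loaded, why?  Exiting' >&2
	exit 1
fi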

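# Dispatch every requested task in order.  $Tasks, $IptablesBin, $Ipt, $Tail
# and the helper functions (FlushOrNewChain, DestroyChain, DefaultHelp) are not
# defined in this file; they are expected to come from firebrickslib or the
# sourced config.
# $Tasks is deliberately unquoted: it is a whitespace-separated task list.
# shellcheck disable=SC2086
for OneTask in $Tasks ; do
	case "$OneTask" in
	link)
		# Only make sure the chain exists.  Output and errors are discarded,
		# so a real failure here (not just "chain already exists") is silent.
		$IptablesBin -N "$Me" >/dev/null 2>&1
		#We're not actually going to link this in.
		#$IptablesBin $AppIn INPUT -i \! lo						-j $Me
		#$IptablesBin $AppIn FORWARD							-j $Me
		#$IptablesBin $AppIn OUTPUT -o \! lo						-j $Me
		;;
	unlink)
		#$IptablesBin -D INPUT -i \! lo							-j $Me
		#$IptablesBin -D FORWARD							-j $Me
		#$IptablesBin -D OUTPUT -o \! lo						-j $Me
		# Best-effort removal of the chain; errors are discarded.
		$IptablesBin -X "$Me" >/dev/null 2>&1
		;;
	create)
		echo "Starting $Me" >&2
		FlushOrNewChain "$Me"
		# One rule per packet length from 0 through 1600 (1601 rules); longer
		# packets match no rule in this chain.  The five explicitly listed
		# lengths are added ahead of the ascending ranges - presumably the
		# sizes expected most often; confirm.
		for OneLength in 52 1500 164 92 156 $(seq 0 51) $(seq 53 91) $(seq 93 155) $(seq 157 163) $(seq 165 1499) $(seq 1501 1600) ; do
			# $Ipt and $Tail stay unquoted: they come from firebrickslib and
			# may expand to several words.  Actions is set for this call only.
			# shellcheck disable=SC2086
			Actions='NONE'	$Ipt -A "$Me" -m length --length "$OneLength"		$Tail
		done
		;;
	destroy)
		echo "Stopping $Me" >&2
		DestroyChain "$Me"
		;;
	renamechain)
		echo "Renamechain not available for $Me" >&2
		#TempChain="$Me-$RANDOM"
		#echo "Replacing existing rules in $Me with new rules" >&2
		#$IptablesBin -E $Me $TempChain
		;;
	replacelinks)
		echo "Replacelinks not available for $Me" >&2
		#if [ -z "$TempChain" ]; then
		#	echo "No temporary chain to relink in $Me replacelinks, replace operation incomplete." >&2
		#elif ! $IptablesBin -L $Me -n >/dev/null 2>&1 ; then
		#	echo "No $Me chain in $Me, replace operation incomplete." >&2
		#elif ! $IptablesBin -L $TempChain -n >/dev/null 2>&1 ; then
		#	echo "No $TempChain chain in $Me, replace operation incomplete." >&2
		#elif [ "`$IptablesBin -L INPUT -n --line-numbers | grep $TempChain | wc -l`" -ne 1 ]; then
		#	echo "Too few/many references to $TempChain in INPUT in $Me replacelinks, replace operation incomplete." >&2
		#elif [ "`$IptablesBin -L FORWARD -n --line-numbers | grep $TempChain | wc -l`" -ne 1 ]; then
		#	echo "Too few/many references to $TempChain in FORWARD in $Me replacelinks, replace operation incomplete." >&2
		#elif [ "`$IptablesBin -L OUTPUT -n --line-numbers | grep $TempChain | wc -l`" -ne 1 ]; then
		#	echo "Too few/many references to $TempChain in OUTPUT in $Me replacelinks, replace operation incomplete." >&2
		#else
		#	$IptablesBin -R INPUT `$IptablesBin -L INPUT -n --line-numbers | grep $TempChain | awk '{print $1}'` -i \! lo		-j $Me
		#	$IptablesBin -R FORWARD `$IptablesBin -L FORWARD -n --line-numbers | grep $TempChain | awk '{print $1}'`		-j $Me
		#	$IptablesBin -R OUTPUT `$IptablesBin -L OUTPUT -n --line-numbers | grep $TempChain | awk '{print $1}'` -o \! lo		-j $Me
		#	DestroyChain $TempChain
		#	unset TempChain
		#fi
		;;
	status)
		# "created" means only that the chain can be listed; it says nothing
		# about whether any built-in chain jumps to it.
		if $IptablesBin -L "$Me" -n >/dev/null 2>&1 ; then
			echo "$Me created" >&2
		else
			echo "$Me destroyed" >&2
		fi
		;;
	version)
		echo "$Me $MyVersion, firebrickslib $FBLibVer" >&2
		;;
	help)
		DefaultHelp
		# Unquoted here-document: $Me is expanded, and an apostrophe needs no
		# backslash (an escaped one would be printed with the backslash).
		cat <<EOTEXT >&2
	The $Me module simply logs the sizes of the packets (with the
exception of packets going over the loopback interface, which can have
odd sizes).  With 1500 rules, this isn't for regular use, but more for
learning.
EOTEXT
		;;
	*)
		# Report the task that failed to match; the case selector is OneTask.
		echo "Unknown action $OneTask in $Me, no action taken." >&2
		;;
	esac
done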
