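#!/bin/bash
#Copyright 2002, 2003 William Stearns
#Released under the GPL.
#
#Firebricks module template. Each module manages one iptables chain named
#after $Me and understands the actions link, unlink, create, destroy, start,
#stop, status and version, plus the modifiers log, drop and reject.
#Copy this file, set Me to the new module name, and fill in the rule
#placeholders in the "create" action.
#
#Globals read:    FirebricksLibDir, FirebricksConfDir (optional overrides),
#                 Ipt (not set in this file; presumably provided by the
#                 library or config file - confirm)
#Globals written: Me, MyVersion, MyLibFile, MyConfFile, Action, Log, Target,
#                 PassArgs, State

Me='template'
MyVersion='0.1'

#Load function library.
#The default must not carry its own single quotes: inside double quotes,
#"${Var:-'path'}" expands to 'path' *including* the quote characters, so the
#-f test could never match the default location.  Build the path once and
#reuse it for both the test and the source.
#NOTE(review): both files below are sourced into this shell, which normally
#runs as root.  They, and the directories holding them, should be root-owned
#and not writable by anyone else, and FirebricksLibDir/FirebricksConfDir
#should not be inherited from an untrusted environment.
MyLibFile="${FirebricksLibDir:-/usr/lib/firebricks/firebrickslib/}$Me"
if [ -f "$MyLibFile" ]; then
  . "$MyLibFile"
fi

#Load config file if it exists
MyConfFile="${FirebricksConfDir:-/etc/firebricks/}$Me.conf"
if [ -f "$MyConfFile" ]; then
  . "$MyConfFile"
fi

#Parse command line parameters (keywords are matched case-insensitively).
#Loop on the argument count rather than on "$1" being non-empty, so an empty
#argument is reported instead of silently ending the parse.
while [ $# -gt 0 ]; do
  case "$1" in
    [Ll][Ii][Nn][Kk])                 Action='link' ;;
    [Uu][Nn][Ll][Ii][Nn][Kk])         Action='unlink' ;;
    [Cc][Rr][Ee][Aa][Tt][Ee])         Action='create' ;;
    [Dd][Ee][Ss][Tt][Rr][Oo][Yy])     Action='destroy' ;;
    [Ss][Tt][Aa][Rr][Tt])             Action='start' ;;
    [Ss][Tt][Oo][Pp])                 Action='stop' ;;
    [Ss][Tt][Aa][Tt][Uu][Ss])         Action='status' ;;
    [Vv][Ee][Rr][Ss][Ii][Oo][Nn])     Action='version' ;;
    [Ll][Oo][Gg])                     Log='yes' ;;
    [Dd][Rr][Oo][Pp])                 Target='drop' ;;
    [Rr][Ee][Jj][Ee][Cc][Tt])         Target='reject' ;;
    *)
      #Treat as target?
      printf '%s\n' "Unknown parameter $1, ignoring." >&2
      ;;
  esac
  shift
done

#Default action and target if none specified
#${Action:-'start'}
#${Target:-'drop'}

#Modifiers handed on when start/stop re-enter this module.  They are passed
#as the keywords the parser above accepts: the internal value Log='yes' is
#not itself a keyword and would only produce an "Unknown parameter" warning.
PassArgs=()
if [ "$Log" = 'yes' ]; then
  PassArgs+=('log')
fi
if [ -n "$Target" ]; then
  PassArgs+=("$Target")
fi

#$Ipt is left unquoted below in case it holds a command plus options.
case "$Action" in
  link)
    #Link the $Me chain into INPUT, OUTPUT, and/or FORWARD
    #To check only arriving packets, link into INPUT and FORWARD
    #To check only departing packets, link into FORWARD and OUTPUT
    #-A appends, so rules already in these chains are evaluated first and
    #can accept a packet before it ever reaches $Me.
    $Ipt -A INPUT -j "$Me"
    $Ipt -A OUTPUT -j "$Me"
    $Ipt -A FORWARD -j "$Me"
    ;;
  unlink)
    #Take your rules in the link section and replace "-A" with "-D"
    $Ipt -D INPUT -j "$Me"
    $Ipt -D OUTPUT -j "$Me"
    $Ipt -D FORWARD -j "$Me"
    ;;
  create)
    #Create the chain in which we'll make our rules...
    #(flushornewchain is not defined in this file; presumably it comes from
    #the function library loaded above.)
    flushornewchain "$Me"
    #...and load the rules
    if [ "$Log" = 'yes' ]; then
      #$Ipt -A $Me ..... -j LOG --log-prefix="$Me "
      #Consider rate-limiting the LOG rule so a flood of matching packets
      #cannot fill the logs.
      : #No-op so the template parses until the rule above is filled in.
    fi
    #$Ipt -A $Me ..... -j $Target
    ;;
  destroy)
    #Erase the rules and remove the chain (call unlink first).
    #(destroychain is not defined in this file; presumably from the library.)
    destroychain "$Me"
    ;;
  start)
    #NOTE(review): ". name" with no slash in the name searches $PATH (and, in
    #bash's default mode, then the current directory).  Make sure root's PATH
    #holds only trusted directories, or source the module by absolute path.
    . "$Me" "${PassArgs[@]}" create
    . "$Me" "${PassArgs[@]}" link
    ;;
  stop)
    . "$Me" "${PassArgs[@]}" unlink
    . "$Me" "${PassArgs[@]}" destroy
    ;;
  #start)
  #  . $Me create $Actions
  #  . $Me link $Actions
  #  ;;
  #stop)
  #  . $Me $Actions unlink
  #  . $Me $Actions destroy
  #  ;;
  status)
    State="$Me "
    #Show the state of this module: the chain counts as created when
    #listing it succeeds.
    if $Ipt -L "$Me" >/dev/null 2>&1; then
      State="$State created"
    else
      State="$State destroyed"
    fi
    echo "$State" >&2
    ;;
  version)
    #Just echo a version string
    echo "$Me $MyVersion" >&2
    ;;
  *)
    echo "Unknown action $Action in $Me, no action taken." >&2
    ;;
esac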