#!/usr/bin/php -q
<?PHP
/* Copyright 2005-2023, Lime Technology
 * Copyright 2012-2023, Bergware International.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License version 2,
 * as published by the Free Software Foundation.
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 */
?>
<?
$set = $ifname = $argv[1];
$run = $set != 'none';
$ini = parse_ini_file('/var/local/emhttp/network.ini',true); ksort($ini,SORT_NATURAL);
$cfg = '/boot/config/network.cfg';

function update_wireguard($ifname) {
  if (!in_array($ifname,['br0','bond0','eth0'])) return;
  $nic = file_exists('/sys/class/net/br0') ? 'br0' : (file_exists('/sys/class/net/bond0') ? 'bond0' : 'eth0');
  exec("wg show interfaces|tr ' ' '\n'",$active);
  foreach (glob("/etc/wireguard/*.conf",GLOB_NOSORT) as $wg) {
    $vtun = basename($wg,'.conf');
    // interface has changed?
    if (exec("grep -Pom1 ' dev $nic ' $wg")=='') {
      exec("logger -t netconfig -- \"updated wireguard $vtun configuration\"");
      exec("sed -ri 's/ dev (br0|bond0|eth0) / dev $nic /' $wg");
    }
    // restart active wireguard tunnels
    if (in_array($vtun,$active)) exec("wg-quick down $vtun; sleep 1; wg-quick up $vtun");
  }
}
function ifname($name) {
  global $old;
  if (!$name) return;
  for ($i=0; $i<$old['SYSNICS']; $i++) {
    $nics = $old['BONDNICS'][$i] ?? $old['BRNICS'][$i] ?? '';
    if (strpos("$nics ","$name ")!==false) return $old['IFNAME'][$i];
  }
  return $name;
}
function bond_nics(&$bond,$nic) {
  $bond['BONDNICS'] = str_replace(',',' ',$bond['BONDNICS']);
  return explode(' ',preg_replace("/$nic ?/","",$bond['BONDNICS']));
}
function bridge_nics(&$bridge,$nic) {
  $bridge['BRNICS'] = str_replace(',',' ',$bridge['BRNICS']);
  return explode(' ',preg_replace("/$nic ?/","",$bridge['BRNICS']));
}

// stop interface with existing (old) configuration
// don't execute when only interface description has changed
if ($run) {
  $old = [];
  if (file_exists($cfg)) {
    $old = parse_ini_string(preg_replace(['/^#/m',"/\r/m"],[';',''],file_get_contents($cfg)));
    if (isset($old['SYSNICS'])) {
      // new syntax
      $ifname = ifname($set);
    } else {
      // legacy syntax
      if ($set=='eth0') $ifname = $old['BRIDGING']=='yes' ? ($old['BRNAME'] ?? 'br0') : ($old['BONDING']=='yes' ? ($old['BONDNAME'] ?? 'bond0') : $set);
    }
  }
  exec("/etc/rc.d/rc.inet1 ".escapeshellarg("{$ifname}_stop")." >/dev/null");
  if ($ini[$set]['BONDING']=='yes') {
    // release additional NICs in bond
    foreach (bond_nics($ini[$set],$set) as $nic) {
      if (isset($old['SYSNICS'])) $nic = ifname($nic);
      if ($nic && $nic!=$ifname) exec("/etc/rc.d/rc.inet1 ".escapeshellarg("{$nic}_stop")." >/dev/null");
    }
  } elseif ($ini[$set]['BRIDGING']=='yes') {
    // release additional NICs in bridge
    foreach (bridge_nics($ini[$set],$set) as $nic) {
      if (isset($old['SYSNICS'])) $nic = ifname($nic);
      if ($nic && $nic!=$ifname) exec("/etc/rc.d/rc.inet1 ".escapeshellarg("{$nic}_stop")." >/dev/null");
    }
  }
}

// create configuration file for all available interfaces
$i = 0; $new = ["# Generated settings:"];
foreach ($ini as $name => $port) {
  $bonding = $port['BONDING']=='yes';
  $bridging = $port['BRIDGING']=='yes';
  if ($bonding && in_array($name,bond_nics($port,$name))) continue;
  if ($bridging && in_array($name,bridge_nics($port,$name))) continue;
  $trunk = $port['TYPE']=='trunk';
  $j = 0; $x0 = 0;
  $iface = $bridging ? $port['BRNAME'] : ($bonding ? $port['BONDNAME'] : $name);
  $new[] = "IFNAME[$i]=\"$iface\"";
  if ($set==$name) $ifname = $iface;
  foreach ($port as $key => $val) {
    if (!strlen($val)) continue;
    if (preg_match('/^(TYPE|BONDING$|BRIDGING)/',$key)) continue;
    if (!$bonding && preg_match('/^(BONDING_MODE|BONDING_MIIMON|BONDNICS|BONDNAME)/',$key)) continue;
    if (!$bridging && preg_match('/^(BRSTP|BRFD|BRNICS|BRNAME)/',$key)) continue;
    [$item,$x] = array_pad(explode(':',$key,2),2,0);
    if ($trunk && $x>0 && preg_match('/^(VLANID|USE_DHCP6?|IPADDR6?|NETMASK6?|GATEWAY6?|METRIC|PRIVACY6|DESCRIPTION|PROTOCOL)/',$key)) {
      if ($x0 != $x) {$x0 = $x; $j++;}
      $vlan = ",$j]";
    } else $vlan = '';
    if (!$vlan && preg_match('/^VLANID/',$key)) continue;
    if ($item=='DHCP_KEEPRESOLV') $DHCP_KEEPRESOLV = $val;
    if ($item=='DHCP6_KEEPRESOLV') $DHCP6_KEEPRESOLV = $val;
    if ($item=='PROTOCOL') $PROTOCOL = $val;
    if ($item=='USE_DHCP') $USE_DHCP = $val;
    if ($item=='USE_DHCP6') $USE_DHCP6 = $val;
    if (in_array($item,['IPADDR','NETMASK','GATEWAY']) && $USE_DHCP!='no') continue;
    if (in_array($item,['IPADDR6','NETMASK6','GATEWAY6']) && $USE_DHCP6!='no') continue;
    if (preg_match('/^DNS_SERVER/',$key) && isset($DHCP_KEEPRESOLV) && $DHCP_KEEPRESOLV=='no') continue;
    if (preg_match('/^DNS6_SERVER/',$key) && isset($DHCP6_KEEPRESOLV) && $DHCP6_KEEPRESOLV=='no') continue;
    if ($item=='PRIVACY6' && $PROTOCOL=='ipv4') continue;
    if ($item=='METRIC' && $PROTOCOL=='ipv6') continue;
    if ($item=='METRIC6' && $PROTOCOL=='ipv4') continue;
    $new[] = $item.(preg_match('/^(DNS6?_SERVER|DHCP6?_KEEPRESOLV)/',$key)?'':'['.$i.($vlan?'':']')).$vlan."=\"$val\"";
  }
  if ($trunk) $new[] = "VLANS[$i]=\"".($j+1)."\"";
  $i++;
}
$new[] = "SYSNICS=\"$i\"";

file_put_contents($cfg,implode("\r\n",$new)."\r\n");
// start interface with updated (new) configuration
// don't execute when only interface description has changed
if ($run) {
  exec("/etc/rc.d/rc.inet1 {$ifname}_start &>/dev/null");
  exec("/usr/local/sbin/create_network_ini $ifname &>/dev/null &");
  update_wireguard($ifname);
}
exit(0);
?>
