#!/bin/sh

# PROVIDE: ndproxy
# REQUIRE: NETWORKING sysctl
# KEYWORD: nojail

. /etc/rc.subr

name="ndproxy"
rcvar=ndproxy_enable
start_cmd="ndproxy_start"
stop_cmd="ndproxy_stop"

# Promiscuous mode may be disabled if uplink_interface and downlink_mac_address are same interface
: ${ndproxy_promisc_enable:=YES}

ndproxy_start()
{
    echo "Starting ndproxy:"
    sysctl net.inet6.ndproxyconf_uplink_interface > /dev/null 2>&1
    if [ $? -eq 1 ]; then
	kldload ndproxy > /dev/null 2>&1
	if [ $? -eq 1 ]; then
	    echo Failure loading ndproxy.
	    return;
	fi
    fi

    sysctl net.inet6.ndproxycount=0

    sysctl net.inet6.ndproxyconf_uplink_interface=${ndproxy_uplink_interface}
    sysctl net.inet6.ndproxyconf_downlink_mac_address=${ndproxy_downlink_mac_address}
    sysctl net.inet6.ndproxyconf_exception_ipv6_addresses=${ndproxy_exception_ipv6_addresses}
    sysctl net.inet6.ndproxyconf_uplink_ipv6_addresses=${ndproxy_uplink_ipv6_addresses}

    if [ -z "${ndproxy_uplink_interface}" ]; then
	echo "Warning: ndproxy_uplink_interface should be defined in rc.conf (see ndproxy(4))."
    fi

    if [ -z "${ndproxy_downlink_mac_address}" ]; then
	echo "Warning: ndproxy_downlink_mac_address should be defined in rc.conf (see ndproxy(4))."
    fi

    if [ -z "${ndproxy_uplink_ipv6_addresses}" ]; then
	echo "Warning: ndproxy_uplink_ipv6_addresses should be defined in rc.conf (see ndproxy(4))."
    fi

    # Note that ndproxy_exception_ipv6_addresses may be left empty.
    
    case "${ndproxy_promisc_enable}" in
        [Nn][Oo])
            ;;
        *)
            if [ -n "${ndproxy_uplink_interface}" ]; then
                ifconfig ${ndproxy_uplink_interface} | head -1 | grep PPROMISC > /dev/null
                if [ $? -ne 0 ]; then
                    echo "Putting interface ${ndproxy_uplink_interface} into permanently promiscuous mode."
                    ifconfig ${ndproxy_uplink_interface} promisc
                fi
            fi
            ;;
    esac

    echo Done.
}

ndproxy_stop()
{
    echo "Stopping ndproxy:"

    sysctl net.inet6.ndproxyconf_uplink_interface > /dev/null 2>&1
    if [ $? -eq 1 ]; then
	echo Failure unloading ndproxy.
    else
	kldunload ndproxy > /dev/null 2>&1
	if [ $? -eq 1 ]; then
	    echo Failure unloading ndproxy.
	else
	    echo Done.
	fi
    fi
}

load_rc_config $name
run_rc_command "$1"
