#!/bin/sh
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2022  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

. /etc/sysconfig/rc
. $rc_functions

[ -e "/etc/sysconfig/dhcpd" ] && . /etc/sysconfig/dhcpd

eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)

function flush_chains() {
	iptables -F DHCPGREENINPUT
	iptables -F DHCPGREENOUTPUT
	iptables -F DHCPBLUEINPUT
	iptables -F DHCPBLUEOUTPUT
}

case "$1" in
	start)
		flush_chains

		if [ -n "${GREEN_DEV}" -a -e "/var/ipfire/dhcp/enable_green" ]; then
			LISTEN_INTERFACES+=" ${GREEN_DEV}"

			iptables -A DHCPGREENINPUT  -i "${GREEN_DEV}" -j DHCPINPUT
			iptables -A DHCPGREENOUTPUT -o "${GREEN_DEV}" -j DHCPOUTPUT
		fi
		if [ -n "${BLUE_DEV}" -a -e "/var/ipfire/dhcp/enable_blue" ]; then
			LISTEN_INTERFACES+=" ${BLUE_DEV}"

			iptables -A DHCPBLUEINPUT  -i "${BLUE_DEV}" -j DHCPINPUT
			iptables -A DHCPBLUEOUTPUT -o "${BLUE_DEV}" -j DHCPOUTPUT
		fi

		boot_mesg "Starting DHCP Server..."
		loadproc /usr/sbin/dhcpd -q ${LISTEN_INTERFACES}

		# Start Unbound DHCP Lease Bridge unless RFC2136 is used
		if [ "${DNS_UPDATE_ENABLED}" != on ]; then
			boot_mesg "Starting Unbound DHCP Leases Bridge..."
			loadproc /usr/sbin/unbound-dhcp-leases-bridge -d
		fi

		(sleep 5 && chmod 644 /var/run/dhcpd.pid) & # Fix because silly dhcpd creates its pid with mode 640
		;;

	stop)
		flush_chains

		boot_mesg "Stopping DHCP Server..."
		killproc -p /var/run/dhcpd.pid /usr/sbin/dhcpd
		if [ "$(ps -A | grep " dhcpd")" != "" ] ; then
		    # if fail use the hard way ...
		    boot_mesg "Killing DHCP Server..."
		    killall -w -s KILL /usr/sbin/dhcpd > /dev/null 2>&1
		    rm -f /var/run/dhcpd.pid > /dev/null 2>&1
		    echo_ok;
		fi

		boot_mesg "Stopping Unbound DHCP Leases Bridge..."
		killproc /usr/sbin/unbound-dhcp-leases-bridge
		;;

	reload)
		boot_mesg "Reloading DHCP Server..."
		reloadproc /usr/sbin/dhcpd
		;;

	restart)
		$0 stop
		sleep 1
		$0 start
		;;

	status)
		statusproc /usr/sbin/dhcpd
		statusproc /usr/sbin/unbound-dhcp-leases-bridge
		;;

	*)
		echo "Usage: $0 {start|stop|reload|restart|status}"
		exit 1
		;;
esac
