# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $

DESCRIPTION="APF is a policy based iptables firewall system designed for ease of use and configuration."
HOMEPAGE="http://www.rfxnetworks.com/${PN}.php"
MY_PKG="apf-current"
SRC_URI="http://www.rfxnetworks.com/downloads/${MY_PKG}.tar.gz"
LICENSE="GPL2"
SLOT="0"
KEYWORDS="x86"
IUSE="dshieldpy"
INSPATH="/etc/apf"
MY_PV="apf-0.9.5-1"

DEPEND="net-firewall/iptables
	dshieldpy? ( net-firewall/dshieldpy )"

src_unpack() {
	unpack ${A} || die "failed to unpack source"
	chmod -R +rwX ${WORKDIR}/${MY_PV} || die "failed to set perms"
	cd ${WORKDIR}/${MY_PV} || die "unable to cd to pkgdir"
	sed -i 's#/usr/local/bin:/usr/local/sbin:$PATH#$PATH#' ${WORKDIR}/${MY_PV}/files/ad/tlog
	sed -i 's#/usr/local/bin:/usr/local/sbin:$PATH#$PATH#' ${WORKDIR}/${MY_PV}/files/ad/antidos
	sed -i 's#/usr/local/bin:/usr/local/sbin:$PATH#$PATH#' ${WORKDIR}/${MY_PV}/files/vnet/vnetgen
	sed -i 's#/usr/local/bin:/usr/local/sbin:$PATH#$PATH#' ${WORKDIR}/${MY_PV}/files/internals/internals.conf
	sed -i 's#/usr/local/sbin#/usr/bin#' ${WORKDIR}/${MY_PV}/README
	sed -i 's#/usr/local/sbin#/usr/bin#' ${WORKDIR}/${MY_PV}/files/extras/dshield/cron.ds
}

src_install() {
        insopts -m0640 ; insinto /etc/apf; into /usr
	doins -r ${WORKDIR}/${MY_PV}/files/{*.rules,VERSION,conf.apf,ad,internals,vnet} 
	exeinto /etc/init.d; exeopts -m0750; doexe ${FILESDIR}/apf
        fperms 0750 /etc/apf; fperms 0750 /etc/apf/vnet/vnetgen
        fperms 0750 /etc/apf/ad/antidos; fperms 0750 /etc/apf/ad/tlog
        dobin ${WORKDIR}/${MY_PV}/files/extras/get_ports
	dodoc ${WORKDIR}/${MY_PV}/{README,README.antidos,CHANGELOG,COPYING.GPL} 
        exeinto /etc/apf; doexe ${WORKDIR}/${MY_PV}/files/{apf,firewall}
	dodir /usr/local/sbin
	dosym /etc/apf/apf /usr/local/sbin/apf
	dosym /etc/apf/apf /usr/bin/apf

	if use dshieldpy; then
        einfo "Setting cronjob for Dshield"
	sed -i 's#/usr/bin/dshield#/usr/bin/dshield.py#' ${WORKDIR}/${MY_PV}/files/extras/dshield/cron.ds
	exeinto /etc/cron.daily; newexe ${WORKDIR}/${MY_PV}/files/extras/dshield/cron.ds ds
	fi

	sed -i -e 's#/etc/rc.d/init.d/apf#/etc/init.d/apf#' ${WORKDIR}/${MY_PV}/cron.daily
	exeinto /etc/cron.daily; newexe ${WORKDIR}/${MY_PV}/cron.daily fw
	exeinto /etc/logrotate.d; newexe ${WORKDIR}/${MY_PV}/logrotate.d.apf apf

        ${WORKDIR}/${MY_PV}/files/vnet/vnetgen
}

pkg_postinst() {
	einfo ">"
        get_ports || die "failed to run /usr/bin/get_ports."
        einfo "Note: These ports are not auto-configured"
        einfo "they are simply presented for information purposes."
        einfo "You must manually configure all port options."
	einfo "<"
	einfo ".:Installation Details:."
	einfo "Install path:         ${INSPATH}"
	einfo "Config path:          ${INSPATH}/conf.apf"
	einfo "Executable path:      ${INSPATH}"
	einfo "AntiDos install path: ${INSPATH}/ad/"
	einfo "AntiDos config path:  ${INSPATH}/ad/conf.antidos"
	einfo ">"

        if use dshieldpy; then
        einfo "Using the provided USE flag will setup the dshield client to parse APF"
        einfo "iptable logs daily and submit a summary report to dshield.org for inclusion"
        einfo "into global attack trends. This feature is directly related to the dsheild drop"
        einfo "list as such list is possible by providing the dshield.org site with live world"
        einfo "firewall event logs."
        einfo "Dshield Config path:  /etc/dshield.conf"
	einfo "<"
	fi
}

pkg_prerm() {
	/etc/init.d/apf stop
}