#!/bin/bash
#
# (c) Copyright 2005 Hewlett-Packard Development Company, L.P.
# All rights reserved
#
# $Id: hp-vt-iptables,v 1.4 2005/07/14 07:18:40 tonycu Exp $
#
# Author: Tony Cureington
#
# This script should not be called from the cmd line by users! 
# It should only be called by the hp-vtd daemon.
#
if [ $# -ne 1 ]; then
   exit 1
fi

CHAIN_NAME=hp_vt
# load/unload
case "$1" in
   load_ipv4_modules)
      # modprobe iptable_filter
      lsmod |grep iptable_filter &>/dev/null
      if [ $? -ne 0 ]; then
         modprobe iptable_filter || exit 1
      fi

      # modprobe ip_queue
      lsmod |grep ip_queue &>/dev/null
      if [ $? -ne 0 ]; then
         modprobe ip_queue || exit 2
      fi
   ;;

   load_ipv6_modules)
      # modprobe iptable_filter
      lsmod |grep iptable_filter &>/dev/null
      if [ $? -ne 0 ]; then
         modprobe iptable_filter || exit 20
      fi

      # modprobe ip_queue
      lsmod |grep ip6_queue &>/dev/null
      if [ $? -ne 0 ]; then
         modprobe ip6_queue
         if [ $? -ne 0 ]; then
            # not all distros have IPv6 queue module, see if this is one
            modprobe ip6_queue 2>&1 |egrep 'not found|locate module' &>/dev/null
            if [ $? -eq 0 ]; then
               # ip6_queue module not found
               exit 21
            fi

            # just double check it didn't load
            lsmod |grep ip6_queue &>/dev/null
            if [ $? -ne 0 ]; then
               exit 22
            fi
         fi
      fi
   ;;

   load_rules)
      # create new chain
      iptables -N $CHAIN_NAME || exit 60
      iptables -A $CHAIN_NAME -p TCP --syn -j QUEUE || exit 61

      # add the rule to the chain
      iptables -A OUTPUT -j $CHAIN_NAME || exit 63
   ;;

   unload_rules)
      # delete the chain from the OUTPUT
      iptables -D OUTPUT -j $CHAIN_NAME
      # flush the chain
      iptables -F $CHAIN_NAME
      # delete the chain
      iptables -X $CHAIN_NAME
   ;;

   *)
      echo "ERROR: $0 is not intended to be invoked from the command line."
      echo "       Invoking it from the command line with valid options may"
      echo "       cause unpredictable results. This script is to only be" 
      echo "       used by the hp-vt package."
      exit 1
   ;;

esac

exit 0


