#!/bin/sh
# shellcheck disable=SC2154

. /lib/functions.sh
. /usr/share/libubox/jshn.sh

dev=$1
ip=$2
remote=$3

ip a a $ip dev $dev
ip link set dev $dev up

logger -t fastd-establish -p daemon.info "[OK] VPN connection changed! Using remote $remote"
# no need to set default-gw when in innercity mode
[ "$(uci -q get ffwizard.vpn.mode)" = "innercity" ] && return

json="$(uclient-fetch -q -T 4 -O- "http://$remote/freifunk/vpn")"
json_load "$json" 2>/dev/null
json_get_var gateway_ip gateway_ip

# if we don't have a gateway ip, make sure, we add routing rules anyways. 
# so we don't use local internet in that case by accident
if [ -n "$gateway_ip" ]; then 
	ip route add default via $gateway_ip table 50
else
    logger -t fastd-establish -p daemon.error "ERROR: We got no gateway ip, internet access will not work"
fi

ip rule add to 10.0.0.0/8 prio 30001 table main
ip rule add from 10.63.0.0/16 prio 30010 table 50
ip rule add to 100.64.0.1/10 prio 30002 table main
ip rule add from 100.64.0.1/10 prio 30003 table 50
json_cleanup
logger -t fastd-establish -p daemon.info "[OK] VPN is now active! We route via $gateway_ip"

exit 0
# vim: set filetype=sh ai noet ts=4 sw=4 sts=4 :