#! /bin/csh -f

#
# This script disables ip-forwarding at boot, on all architectures.
#
# Be very carefull in changing this script.
#
	if (!($?noipfwd)) then
		goto abort
	endif

	source scripts/aliases
	set shell_if = "if"

	source scripts/restoreipfwd
	set FW_BOOT_DIR = "/etc/fw.boot"
	exists $FW_BOOT_DIR
	if ($status != 0) then
		mkdir $FW_BOOT_DIR
	endif

	if ($noipfwd == 1) then
		set IPFWD_ON = 1
		set IPFWD_OFF = 0
	else
		set IPFWD_ON = 0
		set IPFWD_OFF = 1
	endif

	if ($solaris2) then
		alias ex /usr/ucb/ex
		grep "FW-1 addition" /etc/rcS.d/S30rootusr.sh >& /dev/null
		if ($status == 0) then
			echo "You possess a beta version of FW-1 3.0"
			echo "Due to internal problem of that version, IP Forwarding"
			echo "cannot be configured without a damage to system files."
			echo "In order to solve the problem please restore the original"
			echo "/etc/rcS.d/S30rootusr.sh system file."
			echo "If you have problems, please contact your reseller"
			exit 0
		endif
		/bin/cp $FWDIR/bin/ipforwarding_off $FW_BOOT_DIR
		if ($status != 0) then
			echo "Unable to disable ip forwarding"
			echo "Cannot copy files to $FW_BOOT_DIR"
			goto abort
		endif
		grep "FW1_DOIPFWD" /etc/rcS.d/S30rootusr.sh >& /dev/null
		if ($status != 0) then
			if (!(-e $FW_BOOT_DIR/S30rootusr.sh)) then
				/bin/cp /etc/rcS.d/S30rootusr.sh $FW_BOOT_DIR
			endif
			ex - /etc/rcS.d/S30rootusr.sh >& /dev/null << EOEX_RUA
/#ident
a
FW1_DOIPFWD=1
.
/ifconfig.*lo0
a
$shell_if [ \${FW1_DOIPFWD:-0} -eq 1 ]; then
	$FW_BOOT_DIR/ipforwarding_off
fi
.
w!
q
EOEX_RUA
		else
# have to fix a bug of 3.0 
			grep '$FW1_DOIPFWD' /etc/rcS.d/S30rootusr.sh >& /dev/null
			if ($status == 0) then
				ex - /etc/rcS.d/S30rootusr.sh >& /dev/null << EFIX_BUG1
/\$FW1_DOIPFWD
d
i
$shell_if [ \${FW1_DOIPFWD:-0} -eq 1 ]; then
.
w!
q
EFIX_BUG1
			endif
		endif
		grep "FW1_DOIPFWD=$IPFWD_OFF" /etc/rcS.d/S30rootusr.sh >& /dev/null
		if ($status == 0) then
			ex - /etc/rcS.d/S30rootusr.sh >& /dev/null << EOEX_RU
/FW1_DOIPFWD=$IPFWD_OFF
d
i
FW1_DOIPFWD=$IPFWD_ON
.
w!
q
EOEX_RU
		endif
		grep "FW1_DOIPFWD" /etc/rc2.d/S69inet >& /dev/null
		if ($status != 0) then
			if (! (-e $FW_BOOT_DIR/S69inet)) then
				/bin/cp /etc/rc2.d/S69inet $FW_BOOT_DIR
			endif
			ex - /etc/rc2.d/S69inet >& /dev/null << EOEX_RUB
/#ident
a
FW1_DOIPFWD=1
.
/ip_forwarding 1
i
		$shell_if [ \${FW1_DOIPFWD:-0} -eq 0 ]; then
			
.
j
.
a
		fi
.
w!
q
EOEX_RUB
		else
# have to fix bug of 3.0
			grep '$FW1_DOIPFWD' /etc/rc2.d/S69inet >& /dev/null
			if ($status == 0) then
				ex - /etc/rc2.d/S69inet >& /dev/null << EFIX_BUG2
/\$FW1_DOIPFWD
d
i
		$shell_if [ \${FW1_DOIPFWD:-0} -eq 0 ]; then
.
w!
q
EFIX_BUG2
			endif
		endif
		grep "FW1_DOIPFWD=$IPFWD_OFF" /etc/rc2.d/S69inet >& /dev/null
		if ($status == 0) then
			ex - /etc/rc2.d/S69inet >& /dev/null << EOEX_RUC
/FW1_DOIPFWD=$IPFWD_OFF
d
i
FW1_DOIPFWD=$IPFWD_ON
.
w!
q
EOEX_RUC
		endif
	endif

	if ($hpux == 10) then
		if ($noipfwd == 0) then
			/bin/rm -f /sbin/init.d/noipforward
			/bin/rm -f /sbin/rc2.d/S001noipforward
			goto ok
		endif
		if (-x /sbin/init.d/noipforward) then
			E ""
			E "IP forwarding was already disabled in /sbin/init.d/noipforward"
			E ""
		else
			echo '#\!/bin/sh' >/sbin/init.d/noipforward
			echo 'PATH=/sbin:/usr/sbin:/usr/bin' >>/sbin/init.d/noipforward
			echo 'export PATH'>>/sbin/init.d/noipforward
			echo 'case "$1" in'>>/sbin/init.d/noipforward
			echo '	start_msg)'>>/sbin/init.d/noipforward
			echo '		echo "Turn IP-Forwarding OFF"'>>/sbin/init.d/noipforward
			echo '		;;'>>/sbin/init.d/noipforward
			echo ''>>/sbin/init.d/noipforward
			echo '	stop_msg)'>>/sbin/init.d/noipforward
			echo '		echo "(Not Turning IP-Forwarding on)"'>>/sbin/init.d/noipforward
			echo '		;;'>>/sbin/init.d/noipforward
			echo ''>>/sbin/init.d/noipforward
			echo '	start)'>>/sbin/init.d/noipforward
			echo '		if [ -x /usr/bin/adb ]; then'>>/sbin/init.d/noipforward
			echo '			echo "ipforwarding /W 0" | adb -w /stand/vmunix /dev/kmem'>>/sbin/init.d/noipforward
			echo '		fi'>>/sbin/init.d/noipforward
			echo '		;;'>>/sbin/init.d/noipforward
			echo '	esac'>>/sbin/init.d/noipforward
			echo 'exit 0'>>/sbin/init.d/noipforward
			chmod 555 /sbin/init.d/noipforward
			ln -s /sbin/init.d/noipforward /sbin/rc2.d/S001noipforward
			if (! -x /sbin/rc2.d/S001noipforward) then
				E ""
				E "Failed disabling IP forwarding.  Consult manual."
				E ""
			endif
		endif
		goto ok
	endif
	

	if ($hpux == 9) then
		grep -q "FW1_DOIPFWD" /etc/brc
		if ($status != 0) then
			if (!(-e $FW_BOOT_DIR/brc)) then
				/bin/cp /etc/brc $FW_BOOT_DIR
			endif
			ex - /etc/brc << EOEX >/dev/null
\$-1
a

FW1_DOIPFWD=1
$shell_if [ \$FW1_DOIPFWD ]; then
	echo "ipforwarding/W 0" | adb -w /hp-ux /dev/kmem >/dev/null
fi
.
w!
q
EOEX
		endif
		grep -q "FW1_DOIPFWD=$IPFWD_OFF" /etc/brc
		if ($status == 0) then
			ex - /etc/brc >& /dev/null << EOF1
/FW1_DOIPFWD=$IPFWD_OFF
d
i
FW1_DOIPFWD=$IPFWD_ON
.
w!
q
EOF1
		endif
	endif

	if ($sunos4) then
		grep -s "FW1_DOIPFWD" /etc/rc.single
		if ($status != 0) then
			ex - /etc/rc.single << EOEX >& /dev/null
/loadkeys -e
a

	FW1_DOIPFWD=1
	$shell_if [ \$FW1_DOIPFWD ]; then
		echo "ip_forwarding/W 0" | adb -w /vmunix /dev/kmem > /dev/null
	fi
.
w!
q
EOEX
		endif
		grep -s "FW1_DOIPFWD=$IPFWD_OFF" /etc/rc.single
		if ($status == 0) then
			ex - /etc/rc.single >& /dev/null << EOEX1
/FW1_DOIPFWD=$IPFWD_OFF
d
i
FW1_DOIPFWD=$IPFWD_ON
.
w!
q
EOEX1
		endif
	
	endif

ok:
	if ($IPFWD_ON) then
		E "IP forwarding disabled"
	else
		E "IP forwarding enabled"
	endif
	exit 0

abort:
	exit 1

