#! /bin/csh -f
#
# (c) Copyright 1993-1997 Check Point Software Technologies Ltd.
# All rights reserved.
# 
# This is proprietary information of Check Point Software Technologies
# Ltd., which is provided for informational purposes only and for use
# solely in conjunction with the authorized use of Check Point Software
# Technologies Ltd. products.  The viewing and use of this information is
# subject, to the extent appropriate, to the terms and conditions of the
# license agreement that authorizes the use of the relevant product.
#
# $Header: /fw/cvs/fw-1/fwutil/fwinst.new/fwinstall.csh,v 1.16.2.15 1997/07/28 15:20:32 rimon Exp $
#
onintr interupt
setenv FWINSTALL 1

set shell_if = if

#
# set some needed variables
#
if (! $?FWDIR) setenv FWDIR /etc/fw
set tmpdir = /tmp/fw.$$
set tmpset = /tmp/set.$$
if (-x /bin/touch) then
	/bin/touch $tmpset
else
	/usr/bin/touch $tmpset
endif
set ans=i
set guidef
set grpdef
set grpset
set setauth
set licdef=x
set masterdef
set clientdef
set autodef
set upgrade
set keydef
set gotoconf
set gosubconf=()
set sedstring='s/\^/\!/g'
set hpux_kernel = 0
set havelic
set bootmodifications

#
# If we don't have scripts already, but we have the tar file, extract
# them right here.
#
if (( ! -f scripts/aliases ) && ( -f inst-tar.gz )) then
	echo "Extracting files needed for installation.  Please wait."
	cat inst-tar.gz | ./gunzip | tar xfp -
	echo ""
endif

#
# Make sure we are in a proper installation/FW directory.  if we can't find
# one, exit with a message.
#
if ( ! -f scripts/aliases ) then
	if ( -f $FWDIR/scripts/aliases) then
		cd $FWDIR
	else
		echo "You must run fwinstall/fwconfig from your installation dir or"
		echo "your firewall dir, or have your FWDIR environment variable set."
		exit 1
	endif
endif

if ( -f fwtar.gz.1 ) then
	set dist = (fwtar.gz.[123])
else
	set dist = fwtar.gz
endif
#if ( -f $FWDIR/conf/product.id ) then
#	set optname=`cat $FWDIR/conf/product.id | awk -F\% '{ print $1 }' | sed 's/ *$//g'`
#	set type=`cat $FWDIR/conf/product.id | awk -F\% '{ print $2 }' | sed 's/ *$//g'`
#    set relevant=(`cat $FWDIR/conf/product.id | awk -F\% '{ print $3 }' | sed 's/ *$//g'`)
#	if ( `basename $0` == fwconfig) then
#		echo ""
#		echo "This machine has FireWall-1 $optname installed.  Configuring..."
#		echo ""
#		set ans=c
#	endif
#else
	set optname
	set type
	set relevants
#endif

#
# identify arch
#

if ( -f /kernel/genunix || -f /kernel/unix ) then
	set solaris2 = 1
	set hpux = 0
	set sunos4 = 0
	set freebsd = 0
	set aix = 0
	set module = modules/fwmod.5.3.o
	set path = ( /usr/bin /usr/ucb /usr/sbin )
	alias df /usr/ucb/df
else if (-f /hp-ux) then
	set solaris2 = 0
	set hpux = 9
	if (`uname -m | sed -e 's/^.*\///' -e 's/\(.\).*/\1/'` == 7) then
		set hpux700 = 1
		set hpux800 = 0
	else
		set hpux700 = 0
		set hpux800 = 1
	endif
	set sunos4 = 0
	set freebsd = 0
	set aix = 0
	set module = modules/fwmod.hpux9.o
	set path = (/bin /usr/bin /etc)
	alias hostid 'echo "obase=16 ; `uname -i`" | bc -l'
	alias df bdf
else if (-f /stand/vmunix) then
	set solaris2 = 0
	set hpux = 10
	if (`uname -m | sed -e 's/^.*\///' -e 's/\(.\).*/\1/'` == 7) then
		set hpux700 = 1
		set hpux800 = 0
	else
		set hpux700 = 0
		set hpux800 = 1
	endif
	set sunos4 = 0
	set freebsd = 0
	set aix = 0
	set module = modules/fwmod.hpux10.o
	set path = (/bin /usr/bin /usr/sbin /etc)
	alias hostid 'echo "obase=16 ; `uname -i`" | bc -l'
	alias df bdf
else if (-f /vmunix) then
	set solaris2 = 0
	set hpux = 0
	set sunos4 = 1
	set freebsd = 0
	set aix = 0
	set module = modules/fwmod.4.1.3.o
	set path = ( /usr/bin /usr/ucb /bin /usr/etc )
else if (-f /kernel) then
	set solaris2 = 0
	set hpux = 0
	set sunos4 = 0
	set aix = 0
	set freebsd = 1
	set module = modules/fwmod.o
	set path = ( /usr/bin /usr/ucb /bin /usr/etc )
else if (-f /usr/lib/drivers/netinet) then
	set solaris2 = 0
	set hpux = 0
	set sunos4 = 0
	set aix = 1
	set freebsd = 0
	set modnum = `oslevel | sed -e 's/\./\_/g'`
	set oslev = `oslevel`
	set id=`whoami`
	if ( "X$id" != "Xroot" ) then
		echo "You are not a super-user. Super user Permissions are essential for correct"
		echo "Installation/Configuration."
		exit 1
	endif		
	set patchsum = `sum /usr/lib/drivers/netinet | awk '$1 {print $1}'`
	if ( ( $oslev == 4.1.4.0 && $patchsum != 45367 ) || \
		 ( $oslev == 4.1.5.0 && $patchsum != 32968 ) || \
		 ( $oslev == 4.2.0.0 && $patchsum != 61956 ) ) then
		echo 'netinet' patch not installed, cannot install FireWall-1
		exit 1
	endif
	if ( $oslev != 4.1.4.0 && $oslev != 4.1.5.0 && $oslev != 4.2.0.0 && $oslev != 4.2.1.0 ) then
		echo `oslevel`: This operating system is not supported
		exit 1
	endif

	setenv FWDIR /usr/lpp/FireWall-1
	set module = modules/fwmod.$modnum.o
	set path = ( /usr/bin /usr/sbin /bin /usr/etc )
else
	echo Cannot recognize your system.
	exit 1
endif

#
# default eval license
#

set license_string = 12345678-12345678-12345678
set license_features = ( std routers )
set license_host = eval

#
# set some more needed variables
#

set now = `date +%y%m%d-%H:%M.%S`
set product = "FireWall-1"
set version = "v3.0"

unset killinetd

source scripts/aliases

label "$product $version Installation"

#
# This part reads the conf/install.conf, and executes the needed scripts,
# according to conditions met.
# format: description	%	script-name		%		conditions
# conditions is a shell-script expression in the form of:
# (("X$optname" == "XInternet Gateway") || ("X$optname" == "XFireWall Module"))
#


set management=0
set firewall=0
set auth=0
set unlimit=0

set oldl
set onel
set newl=x
set tmpl=()
@ lnum = 0
set scrdesc=()
set lnums=()
set scripts=()
set conditions=()
set id=`whoami`

E "Reading fwinstall configuration.  This might take a while."
E "Please wait."

if ( -e /tmp/install.conf ) /bin/rm /tmp/install.conf
if ( -e /tmp/install.tmpscr ) /bin/rm /tmp/install.tmpscr
sed 's/(/ ( /g' conf/install.conf |sed 's/)/ ) /g' >/tmp/install.conf

#while ("X$oldl" != "X$newl")
#	set oldl="$newl"
#	@ lnum = $lnum + 1
#	set onel=("`head -$lnum /tmp/install.conf|tail -1`")
#	set newl="$onel"
#	if ("X$oldl" != "X$onel") then
#		set lnums=($lnums $lnum)
#		set scrdesc=($scrdesc `echo "$onel"|awk -F\% '{ print $1 }'|sed 's/ /%/g'|sed 's/%*$//g'`)
#		set scripts=($scripts `echo "$onel"|awk -F\% '{ print $2 }'`)
#		set conditions=($conditions `head -$lnum /tmp/install.conf|tail -1|awk -F% '{ print $3 }'|sed 's/ /%/g'`)
#		echo -n "."
#	endif
#end
if ( -x scripts/parseconf ) then
	scripts/parseconf
else if ( -x ./parseconf ) then
	./parseconf
else
	parseconf
endif
source /tmp/install.tmpscr
/bin/rm /tmp/install.conf
/bin/rm /tmp/install.tmpscr

E ""
E "Configuration loaded.  Running FireWall-1 Setup."
E ""

if ( -f /tmp/defaults.saved ) /bin/rm /tmp/defaults.saved

if (( -f conf/defaults.conf ) && (`pwd` != $FWDIR)) \
	cp conf/defaults.conf /tmp/defaults.saved

if (-f /tmp/install.log) /bin/rm /tmp/install.log
date >/tmp/install.log

set lnm=($lnums)

flow:
set brk=0
foreach i ($lnm)
	set cond=`echo $conditions[$i]|sed "s/\%/ /g"|sed "$sedstring"`
	set tmpl=`echo "if ( $cond )"`
	set tmp2=`eval $tmpl echo 1`
	if ($tmp2) then
		echo `echo $conditions[$i]|sed 's/%/ /g'|sed "$sedstring"`=TRUE.  executing $scripts[$i]. >>/tmp/install.log
		set cond=""
		set gotoconf=""
		set curdesc="$scrdesc[$i]"
		set preservei=$i
		source $scripts[$i]
		if ($status == 1) goto abort
		set i=$preservei
		fwrand
		while ("X$gotoconf" != X)
			if ("X$gotoconf" == "done") goto done
			@ gotonum = 0
			foreach k ($scrdesc)
				@ gotonum ++
				if ("X$gotoconf" == "X$scrdesc[$gotonum]") then
					instlog "GOTOCONF: `echo $gotoconf|sed 's/%/ /g'`"
					set gotoconf=""
					set curdesc="$scrdesc[$i]"
					set cond=`echo $conditions[$gotonum]|sed 's/%/ /g'|sed "$sedstring"`
					set tmpl=`echo "if ( $cond )"`
					set tmp2=`eval $tmpl echo 1`
					if ($tmp2) then
						echo `echo $conditions[$gotonum]]|sed 's/%/ /g'|sed "$sedstring"`=TRUE.  executing $scripts[$gotonum]. >>/tmp/install.log
						set cond=""
						set preservei=$i
						source $scripts[$gotonum]
						if ($status == 1) goto abort
						set i=$preservei
						fwrand
						if (("X$gotoconf" == X) && ("X$gosubconf" != X)) then
							set gotoconf=$gosubconf[1]
							shift gosubconf
						endif
					else
						if (("X$gotoconf" == X) && ("X$gosubconf" != X)) then
							set gotoconf=$gosubconf[1]
							shift gosubconf
						endif
						echo `echo $conditions[$gotonum]|sed 's/%/ /g'|sed "$sedstring"`=FALSE.  not executing $scripts[$gotonum].>>/tmp/install.log
					endif
					if (("X$gotoconf" == X) && ("X$gosubconf" == X)) then
						set brk=1
						set lnm=($lnums)
						while ("X$gotonum" != X0)
							shift lnm
							@ gotonum --
						end
					endif
					fwrand
				endif
			end
		end
		if ("X$brk" == X1) break
	else
		echo `echo $conditions[$i]|sed 's/%/ /g'|sed "$sedstring"`=FALSE.  not executing $scripts[$i].>>/tmp/install.log
	endif
end

if ("X$brk" == X1) goto flow

done:

if ( -f /tmp/defaults.saved ) then
	/bin/rm conf/defaults.conf
	/bin/mv /tmp/defaults.saved conf/defaults.conf
endif

cat /tmp/install.log >>$FWDIR/log/install.log
/bin/rm /tmp/install.log
if (-f $FWDIR/conf/product.id) /bin/rm $FWDIR/conf/product.id
echo "$optname % $type % $relevant" > $FWDIR/conf/product.id

#
# done.
#

	label "$product is now installed."

	if ($hpux && $firewall && $?hpkernelfile) then
		if ($hpux == 10) then
			E "To start FW-1 copy /stand/build/vmunix_fw to /stand/vmunix and reboot."
			E "Please note that on first reboot, $product will report it has failed,"
			E "since there is no Security Policy defined."
		else
			E "To start FW-1 copy $hpkernelfile to /hp-ux and reboot."
		endif
		goto last
	endif

#
# start FW now ?
#

#	if ("X$ans" == Xc) goto last

	E -n "Do you wish to start FW-1 now (y/n) [y] ? "
	get ans

unsetenv FWINSTALL
	
	fwrand

	if ($?havelic) goto startfw

	if ("X$ans" == Xy || "X$ans" == X) then
		E ""
		E "You need to get a valid license in order to start FW-1."
		set ans = n
	endif

startfw:
	if ("X$ans" == Xy || "X$ans" == X) then
		E ""
		E "Note: On first startup, Security Policy fetch error can be IGNORED"
		E ""
		$FWDIR/bin/fwstart
#		if ($status == 1) then
#			quit "FW Startup failed, Please check installation parameters."
#		endif
	endif

#
# just a few post-installation notes for the user
#

last:
	E ""
	E "*******************************************************************"
	E "                DO NOT FORGET TO:"
	E "1. add the line:    setenv FWDIR $FWDIR   to .cshrc"
	E "                or  FWDIR=$FWDIR; export FWDIR	to .profile"
	E "2. add  $FWDIR/bin  to path"
	E "3. add  $FWDIR/man  to MANPATH environment"
	E "*******************************************************************"
	E ""
	E "You may configure FireWall-1 anytime, by running fwconfig."
	if ($?exstr) then
		E $exstr
		exit 1
	endif

theend:
	/bin/rm $tmpset >&/dev/null
	/bin/rm /tmp/conf >& /dev/null
	/bin/rm /tmp/scripts >& /dev/null
	label "Installation completed successfully"
	exit 0

interupt:
	/bin/rm $tmpset >&/dev/null
	E ""
	E "*** Interrupt"
	E "$product Installation aborted."
	exit 1

abort:
	/bin/rm $tmpset >&/dev/null
	E ""
	E "Installation aborted"
	exit 1

