#!/bin/sh
. /lib/functions/network.sh
# UCI section name of the VPN interface this script manages. The matching
# network device is addressed as "vpn-$vpname" by the functions below.
vpname=vps000
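# _checkpid - single-instance guard for the watchdog loop.
#
# Reads the PID recorded in /tmp/myvpn.pid. If that PID is numeric and the
# command line of the process it names mentions this script, another instance
# is assumed to be running and the shell exits with status 0. Otherwise the
# current shell's PID is written to the file.
#
# Globals written: pid, pname, mypidfile, expid
# Exits:           0 when a running instance is detected
_checkpid(){
	pid=$$
	pname=$0
	# NOTE(review): fixed, predictable name in /tmp. A root-only runtime
	# directory would be a safer home for it; confirm what else reads this
	# path before moving it.
	mypidfile=/tmp/myvpn.pid
	if test -f "$mypidfile";then
		# Only the first line is considered; read -r keeps backslashes literal.
		expid=
		read -r expid < "$mypidfile"
		case "$expid" in
		''|*[!0-9]*)
			# Not a PID (empty, stale or tampered file). Never build a /proc
			# path from it; fall through and overwrite the file.
			;;
		*)
			# -F: the script name is matched literally, not as a regex.
			if grep -qF -- "$pname" "/proc/$expid/cmdline" 2>/dev/null;then
				echo "The process $pname is already exists ! pid:$expid."
				exit 0
			fi
			;;
		esac
	fi
	echo "$pid" > "$mypidfile"
}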

# _checkmyvpn - run the connection check when the myvpn UCI config has an
# "enable" option.
_checkmyvpn(){
	# NOTE(review): only the exit status of "uci get" is tested and the value
	# is discarded, so an option that exists with the value 0 would presumably
	# still pass. Confirm how the config UI writes a disabled state.
	uci get 'myvpn.@myvpn[0].enable' >/dev/null 2>&1 || return 0
	_checkvpnconnect
}

# _checkvpnconnect - bring the VPN up unless its device is already present.
#
# "ifconfig vpn-$vpname" succeeding is taken as "the tunnel device exists";
# in that case a short notice is printed, otherwise _connectvpn is called.
_checkvpnconnect(){
	if ! ifconfig "vpn-$vpname" >/dev/null 2>&1;then
		_connectvpn
		return
	fi
	echo "vpn-$vpname already exists!"
}

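# _checkroute - keep both halves of the default-route override on the VPN.
#
# 0.0.0.0/1 and 128.0.0.0/1 together cover the whole IPv4 space and are more
# specific than the default route, so traffic follows the tunnel while they
# exist. Each half is checked on its own and only a missing one is added.
#
# Globals read:    vpname
# Globals written: route_table, half
_checkroute(){
	route_table=$(ip route 2>/dev/null)
	for half in 0.0.0.0/1 128.0.0.0/1;do
		# Compare the destination column exactly. An unanchored regex such as
		# "0.0.0.0/1" also matches e.g. 10.0.0.0/16, which would hide a missing
		# override route and leave traffic on the plain WAN path.
		if ! printf '%s\n' "$route_table" |
			awk -v dst="$half" '$1 == dst && /vpn/ { hit = 1 } END { exit !hit }';then
			ip route add "$half" dev "vpn-$vpname"
		fi
	done
}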
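# _connectvpn - fetch the VPN endpoint from the API server and configure it.
#
# Steps:
#   1. Ask https://<myvpn server>/openwrt/api.php for a JSON document and
#      read status / vpnserver / vpnport from it.
#   2. Validate the endpoint values, then write an openconnect interface
#      named $vpname into the network config with the stored credentials.
#   3. Add $vpname to firewall zone index 1 if it is not listed there yet.
#   4. Bring the interface up, add the two /1 override routes, rewrite DNS.
#
# Globals read:    vpname
# Globals written: apiserver, api_info, status, vpnserver, vpnport,
#                  vpnusername, vpnpassword, FIREWALL
# Exits:           when the API status is not 200 (unchanged behaviour; this
#                  ends the watchdog loop as well)
# Returns:         1 when the API answer carries an unusable host or port
_connectvpn(){
	apiserver=$(uci get 'myvpn.@myvpn[0].server' | sed 's/[[:space:]]//g')
	# NOTE(review): -k disables TLS certificate verification, so the JSON that
	# selects the VPN endpoint (and therefore where the stored credentials are
	# sent) is not authenticated. Drop -k, or pin the issuing CA with
	# --cacert, once the API host presents a verifiable chain.
	api_info=$(curl -s -k -A openwrt "https://$apiserver/openwrt/api.php")
	. /usr/share/libubox/jshn.sh
	# Quoted so the whole document is passed as one argument.
	json_load "$api_info"
	json_get_var status status
	if [ "$status" = "200" ];then
		json_get_var vpnserver vpnserver
		printf '%s\n' "$vpnserver"
		json_get_var vpnport vpnport
		printf '%s\n' "$vpnport"
	else
		exit
	fi

	# The API answer is remote input: refuse anything that is not a plain
	# host name / address and a TCP port before it reaches the UCI config.
	# Extend the host character set if server values legitimately need more.
	case "$vpnserver" in
	''|*[!A-Za-z0-9._:-]*)
		echo "myvpn: API returned an invalid vpnserver, not configuring" >&2
		return 1
		;;
	esac
	case "$vpnport" in
	''|*[!0-9]*|??????*)
		echo "myvpn: API returned an invalid vpnport, not configuring" >&2
		return 1
		;;
	esac
	if [ "$vpnport" -lt 1 ] || [ "$vpnport" -gt 65535 ];then
		echo "myvpn: API returned an invalid vpnport, not configuring" >&2
		return 1
	fi

	# Whitespace is stripped from both credentials, as before.
	vpnusername=$(uci get 'myvpn.@myvpn[0].username' | sed 's/[[:space:]]//g')
	vpnpassword=$(uci get 'myvpn.@myvpn[0].password' | sed 's/[[:space:]]//g')
	# TODO: add a VPN credential check here. If the username/password is wrong
	# or the account has expired, tell the user; only add the VPN connection
	# once the credentials are known to be valid.
	# Every key=value pair is one quoted word so a value can never split into
	# extra uci arguments.
	uci set "network.$vpname=interface"
	uci set "network.$vpname.proto=openconnect"
	uci set "network.$vpname.auto=0"
	uci set "network.$vpname.delegate=0"
	uci set "network.$vpname.defaultroute=0"
	uci set "network.$vpname.port=$vpnport"
	uci set "network.$vpname.username=$vpnusername"
	uci set "network.$vpname.password=$vpnpassword"
	uci set "network.$vpname.server=$vpnserver"
	uci commit "network.$vpname"
	# NOTE(review): the zone is picked by index; presumably index 1 is the WAN
	# zone of the stock firewall config. Verify on devices with custom zones.
	FIREWALL=$(uci get 'firewall.@zone[1].network')
	# Whole-word membership test, so a longer name that merely contains
	# $vpname does not count as "already listed".
	case " $FIREWALL " in
	*" $vpname "*)
		;;
	*)
		echo " Add $vpname to Firewall"
		uci set "firewall.@zone[1].network=${FIREWALL:+$FIREWALL }$vpname"
		uci commit firewall
		;;
	esac
	ifup "$vpname"
	# NOTE(review): these may run before the tunnel device exists; _checkroute
	# in the watchdog loop re-adds them later if so.
	ip route add 0.0.0.0/1 dev "vpn-$vpname"
	ip route add 128.0.0.0/1 dev "vpn-$vpname"
	# After the connection is set up, switch DNS to split ("smart") resolution.
	_setdns
}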

# _setdns - replace /etc/dnsmasq.conf with the split-DNS setup and restart
# dnsmasq.
#
# The previous file content is overwritten without a backup, and nothing in
# this script restores it on "stop".
# NOTE(review): the "server=<ip>,<n>" and "chnroutes-file" lines presumably
# need a dnsmasq build that understands them - confirm against the firmware.
_setdns(){
	# Quoted delimiter: the body is written literally, with no expansion.
	cat <<'EOF' > /etc/dnsmasq.conf
no-resolv
all-servers
server=180.76.76.76,0
server=114.114.114.114,0
server=1.1.1.1,1
server=8.8.8.8,1
chnroutes-file=/etc/chnroute

EOF
	/etc/init.d/dnsmasq restart >/dev/null 2>&1
}



# _getwan - print the gateway address of the WAN interface.
#
# Uses the helpers from /lib/functions/network.sh: network_find_wan stores the
# WAN interface name in NET_IF, network_get_gateway stores that interface's
# gateway in NET_GATEWAY, which is then written to stdout.
#
# Globals written: NET_IF, NET_GATEWAY
_getwan(){
	. /lib/functions/network.sh
	network_find_wan NET_IF
	network_get_gateway NET_GATEWAY "$NET_IF"
	printf '%s\n' "$NET_GATEWAY"
}

# _start - watchdog entry point.
#
# Takes the single-instance lock once, then loops forever: every 10 seconds
# it re-checks that the VPN is connected and that the override routes exist.
_start(){
	_checkpid
	while :;do
		_checkmyvpn
		_checkroute
		sleep 10
	done
}

# _stop - tear the VPN down.
#
# Deletes the $vpname interface section from the network config and commits
# it, removes the vpn-$vpname link, then stops the myvpn init script.
# Errors from the delete steps are discarded, so calling this when nothing is
# configured is harmless.
# NOTE(review): the firewall zone entry and /etc/dnsmasq.conf written during
# connect are not reverted by the lines in this function.
_stop(){
	uci del "network.$vpname" >/dev/null 2>&1
	uci commit network
	ip link del "vpn-$vpname" >/dev/null 2>&1
	/etc/init.d/myvpn stop
}


# Entry point: the first argument selects the action. "stop" tears the VPN
# down, "getwan" prints the WAN gateway, and anything else (including no
# argument at all) starts the watchdog loop.
action=$1
case "$action" in
	stop)   _stop ;;
	getwan) _getwan ;;
	*)      _start ;;
esac

