#!/usr/bin/perl -w
#
#
# A script that imports text ebtables rules. Similar to iptables-restore.
# It can be used to restore configuration from /etc/sysconfig/ebtables.
#

use strict;
my $ebtables = "__EXEC_PATH__/ebtables";
my $table = "";
my $rc;
my $line;

# ==============================
# Check table
# Creates user chains.
# ==============================
sub check_chain {
    if ($table eq "filter") {
        if ($_[1] eq "INPUT") { return; }
        if ($_[1] eq "FORWARD") { return; }
        if ($_[1] eq "OUTPUT") { return; }
    }
    if ($table eq "nat") {
        if ($_[1] eq "PREROUTING") { return; }
        if ($_[1] eq "POSTROUTING") { return; }
        if ($_[1] eq "OUTPUT") { return; }
    }
    if ($table eq "broute") {
        if ($_[1] eq "BROUTING") { return; }
    }
    $rc = `$ebtables -t $_[0] -N $_[1]`;
    unless($? == 0) {print "ERROR: $rc\n"; exit -1};
}
# ==============================

unless (-x $ebtables) { print "ERROR: $ebtables isn't executable\n"; exit -1; };
$line = 0;
while(<>) {
    $line++;
    if(m/^#/) { next; };
    if(m/^$/) { next; };
    if(m/^\*(.*)/) {
        if (defined($ENV{'EBTABLES_SAVE_COUNTER'}) && !($ENV{'EBTABLES_SAVE_COUNTER'} eq "yes") && !($table eq "") ) {
            $rc = `$ebtables -t $table -Z`;
            unless($? == 0) {print "ERROR: $rc\n"; exit -1};
        }
        $table = $1;
        $rc = `$ebtables -t filter --init-table`;
        unless($? == 0) {print "ERROR: $rc\n"; exit -1};
        next;
    }
    if(m/^\:(.*?)\s(.*)/) {
        &check_chain($table,$1);
        $rc = `$ebtables -t $table -P $1 $2`;
        unless($? == 0) {print "ERROR(line $line): $rc\n"; exit -1};
        next;
    }
    $rc = `$ebtables -t $table $_`;
    unless($? == 0) {print "ERROR(line $line): $rc\n"; exit -1};
}
if (defined($ENV{'EBTABLES_SAVE_COUNTER'}) && !($ENV{'EBTABLES_SAVE_COUNTER'} eq "yes") && !($table eq "")) {
    $rc = `$ebtables -t $table -Z`;
    unless($? == 0) {print "ERROR: '-t $table -Z' failed\n"; exit -1};
}