#!/bin/sh
#
# clement	This shell script takes care of starting and stopping
#		clement daemon.
#
# chkconfig:  - 92 10
#
# description: 'clement' is a daemon that catches SMTP requests,
#	        checks for viruses and spam, then requests
#		advice from a remote Mentor to give a
#		final acceptance/rebuttal of the e-mail while
#		the remote SMTP client is still on-line.
# processname:  clement
	       
# real time.
# Source function library.

# Load the distribution's init helper library when it is installed.
# gprintf, success, failure, warning and status are used further down but
# are not defined in this file; presumably they come from this library.
if [ -f /etc/rc.d/init.d/functions ] ; then
  . /etc/rc.d/init.d/functions
fi

# Settings specific to the mentor2 installation.
PROG=clement
PLOCK=/var/lock/subsys
DST_CRON_SCRIPT=/etc/cron.d/mail

# Optional site settings. The file is sourced, so everything in it runs with
# the privileges of whoever invokes this script; it should be writable by
# root only.
# NOTE(review): APPNAME, VERS and OPTIONS are used below but never assigned
# in this file; presumably they are set here. Confirm, because every path
# built from them is wrong when they are empty.
if [ -f /etc/sysconfig/$PROG ] ; then
  . /etc/sysconfig/$PROG
fi

#----------------------------------------------------------------------
#Detecting local SMTP daemon and adding 127.0.0.25 listening port
#----------------------------------------------------------------------
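do_addmail()
{
  # Add the clement listener stanza to the configuration of every local MTA
  # whose config file exists (exim, postfix, sendmail), then restart each MTA
  # that has a subsys lock file.
  # Globals: APPNAME, VERS, PLOCK (read).
  # NOTE(review): the sendmail and postfix branches append unconditionally,
  # so calling this twice duplicates the stanza. The only caller visible in
  # this file (do_mkconf) guards it with the config.done marker.
  for mailer in exim postfix sendmail ; do
    snippet="/etc/$APPNAME-$VERS/$mailer.cf"
    case "$mailer" in
      sendmail)   # appended at the end
        if [ -f "/etc/mail/$mailer.cf" ] && [ -r "$snippet" ] ; then
          cat "$snippet" >> "/etc/mail/$mailer.cf"
        fi
        ;;

      postfix)    # appended at the end
        if [ -f /etc/postfix/master.cf ] && [ -r "$snippet" ] ; then
          cat "$snippet" >> /etc/postfix/master.cf
        fi
        ;;

      exim)       # inserted at the beginning
        if [ -f "/etc/$mailer.conf" ] && [ -r "$snippet" ] ; then
          newconf="/etc/$mailer.conf.$$"
          # Replace the live config only when the merged copy was written
          # completely; a failed cat (e.g. full disk) must not leave a
          # truncated MTA configuration in place.
          # NOTE(review): the merged file is created under the current umask
          # and ownership, so the mode/owner of the original config is not
          # carried over. Confirm this suits the MTA.
          if cat "$snippet" "/etc/$mailer.conf" > "$newconf" ; then
            mv -f "$newconf" "/etc/$mailer.conf"
          else
            rm -f "$newconf"
          fi
        fi
        ;;
    esac
    # The MTA is restarted whenever it has a lock file, even if nothing was
    # added above.
    if [ -f "$PLOCK/$mailer" ] ; then
      service "$mailer" restart
    fi
  done
}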
#----------------------------------------------------------------------
#creating clement local certificate
#----------------------------------------------------------------------
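do_mkcert()
{
  # Create the daemon's PEM file on first start and hand it to the mail user.
  # Nothing is done when the file already exists.
  # Globals: APPNAME, VERS, PROG (read).
  # NOTE(review): if dummy-cert also writes the private key into this file
  # (not visible here), its mode should be restricted to the owner. Confirm
  # what the helper produces and which mode it leaves behind.
  certfile="/etc/pki/$APPNAME-$VERS/$PROG.pem"
  if [ ! -f "$certfile" ] ; then
    gprintf "Preparing %s certificat: " "$PROG"
    # Report success only when both generation and the ownership change
    # worked; "owner:group" replaces the deprecated "owner.group" spelling.
    if "/var/lib/$APPNAME-$VERS/support/dummy-cert" "$certfile" \
       && chown mail:mail "$certfile" ; then
      success "certs generation"
    else
      failure "certs generation"
    fi
    echo
  fi
}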
#----------------------------------------------------------------------
#setting local clement configuration
#----------------------------------------------------------------------
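do_mkconf()
{
  # One-time configuration: hook clement into the local MTA, run the
  # addconf.sh helper, record completion in config.done and restart httpd
  # when it has a subsys lock file.
  # Globals: APPNAME, VERS, PROG, PLOCK (read).
  marker="/etc/$APPNAME-$VERS/config.done"
  if [ ! -f "$marker" ] ; then
    do_addmail
    gprintf "Preparing %s config: " "$PROG"
    "/var/lib/$APPNAME-$VERS/support/addconf.sh"
    addconf_rc=$?
    # The marker is written even when addconf.sh failed: do_addmail appends
    # to the MTA configuration and must not run a second time.
    date > "$marker"
    if [ "$addconf_rc" -eq 0 ] ; then
      success "conf addition"
    else
      # Show the failure to the operator instead of an unconditional OK.
      failure "conf addition"
    fi
    echo
    if [ -f "$PLOCK/httpd" ] ; then
      service httpd restart
    fi
  fi
}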
#----------------------------------------------------------------------
#procedure to check if freshclam is up and running
#----------------------------------------------------------------------
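chk_freshclam()
{
  # Warn when freshclam has no subsys lock file. The check is advisory:
  # start() carries on regardless, so clement may run with stale virus
  # signatures until freshclam is started.
  # Globals: PLOCK (read).
  # NOTE(review): a lock file only shows that the service was started, not
  # that the process is still alive.
  # PLOCK is quoted so a value containing whitespace cannot break the test
  # and silently suppress the warning.
  if [ ! -f "$PLOCK/freshclam" ] ; then
    gprintf "freshclam daemon NOT up and running (please check this)"
    warning $"Start freshclam"
    echo
  fi
}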
#----------------------------------------------------------------------
#procedure to update the iptables rules according to the information
#available within /etc/$APPNAME-$VERS/iptables.conf
#----------------------------------------------------------------------
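do_ipt()
{
# Install ("start") or remove ("stop") the clement firewall chains.
# Arguments: $1 - "start" or "stop"; any other value changes nothing.
# Globals:   APPNAME, VERS, PROG (read).
# On start, every IPT= entry of /etc/$APPNAME-$VERS/iptables.conf has the
# form iface,host,eport,iport and yields an ACCEPT rule for iport plus a
# DNAT rule sending eport to host:iport (host "*" keeps the destination
# address and rewrites only the port).
# The entries become firewall rules as root, so iptables.conf should be
# writable by root only.
# NOTE(review): start is not idempotent. When the chains already exist
# (e.g. a start without a preceding stop) -N fails, and the per-entry rules
# and both jumps are inserted a second time.
case "$1" in
  "start")
     /sbin/iptables -N clement
     /sbin/iptables -N clement -t nat
     ;;
  "stop")
     /sbin/iptables -F clement -t nat
     /sbin/iptables -F clement
     ;;
  esac
# Per-entry rules exist only for start; stop has already flushed the chains.
if [ "$1" = "start" ] ; then
  list=$(grep ^IPT "/etc/$APPNAME-$VERS/iptables.conf" | cut -d'=' -f2)
  # Entries may carry a literal "*" as host. Pathname expansion is switched
  # off while $list is split, so such an entry can never be replaced by the
  # name of a matching file in the current directory.
  set -f
  for ENT in $list
    do
    iface=$(printf '%s\n' "$ENT" | cut -d',' -f1)
    host=$(printf '%s\n' "$ENT" | cut -d',' -f2)
    eport=$(printf '%s\n' "$ENT" | cut -d',' -f3)
    iport=$(printf '%s\n' "$ENT" | cut -d',' -f4)
    # Skip entries with an empty field or a field that iptables would read
    # as an option, instead of installing half of a rule pair.
    bad_entry=
    for field in "$iface" "$host" "$eport" "$iport" ; do
      case "$field" in
        ''|-*) bad_entry=1 ;;
      esac
    done
    if [ -n "$bad_entry" ] ; then
      echo "$PROG: ignoring malformed IPT entry '$ENT'" >&2
      continue
    fi
    /sbin/iptables -I clement -i "$iface" -p tcp --dport "$iport" -j ACCEPT
    if [ "$host" = "*" ] ; then
      /sbin/iptables -I clement -i "$iface" -p tcp --dport "$eport" \
                     -j DNAT -t nat --to ":$iport"
    else
      /sbin/iptables -I clement -i "$iface" -p tcp --dport "$eport" \
                     -j DNAT -t nat --to "$host:$iport" -d "$host"
    fi
    done
  set +f
fi
case "$1" in
  "start")
     /sbin/iptables -I INPUT -j clement
     /sbin/iptables -I PREROUTING -j clement -t nat
     ;;
  "stop")
     # Drop the jumps first; a chain that is still referenced cannot be
     # deleted.
     /sbin/iptables -D PREROUTING -j clement -t nat
     /sbin/iptables -D INPUT -j clement
     /sbin/iptables -X clement -t nat
     /sbin/iptables -X clement
     ;;
  esac
}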
#----------------------------------------------------------------------
#Script main part 
#----------------------------------------------------------------------
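start()
{
  # Prepare certificate and configuration, install the firewall rules and
  # launch the daemon.
  # Globals: PROG, OPTIONS (read); RETVAL (written: exit status of $PROG).
  do_mkcert
  do_mkconf
  chk_freshclam
  do_ipt start
  gprintf "Starting %s:" "$PROG"
  # The daemon's own status is recorded. The former
  # "cmd && success || failure" chain stored the status of the reporting
  # helper and ran failure whenever success returned non-zero.
  # $OPTIONS is deliberately unquoted so it splits into separate arguments.
  if "$PROG" $OPTIONS ; then
    RETVAL=0
    success
    touch "/var/lock/subsys/$PROG"
  else
    RETVAL=$?
    failure
    # NOTE(review): the rules installed by do_ipt stay in place when the
    # daemon fails to start, so redirected SMTP traffic reaches a port
    # nobody listens on. Decide whether a failed start should roll them back.
  fi
  echo
}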

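stop()
{
  # Remove the firewall rules and send TERM to the PID recorded in the
  # daemon's lock file. Nothing happens when the lock file is absent.
  # Globals: APPNAME, VERS, PROG (read); RETVAL (written when the lock file
  # exists).
  pidfile="/var/lock/$APPNAME-$VERS/$PROG-lock"
  if [ -f "$pidfile" ] ; then
    gprintf "Stopping %s:" "$PROG"
    do_ipt stop
    # This runs as root while the file may have been written by the daemon,
    # so its content is not trusted: only the first token of the first line
    # is used, and only if it is a positive integer. An empty value, 0 or a
    # negative number would make kill address a whole process group or every
    # process.
    pid=
    read -r pid _rest < "$pidfile"
    case "$pid" in
      ''|*[!0-9]*)
        RETVAL=1
        ;;
      *)
        if [ "$pid" -gt 0 ] ; then
          kill -TERM "$pid"
          RETVAL=$?
        else
          RETVAL=1
        fi
        ;;
    esac
    sleep 3
    if [ "$RETVAL" = 0 ] ; then
      success "clement stop"
      rm -f "/var/lock/subsys/$PROG"
    else
      failure "clement stop"
    fi
    echo
  fi
}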

#----------------------------------------------------------------------
# See how we were called.
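# Dispatch on the requested action and exit with that action's status, so
# callers and monitoring can tell a failed start, a failed stop or a dead
# daemon from success (the script previously always exited 0).
RETVAL=0
case "$1" in
  start)
    start
    ;;

  stop)
    stop
    ;;

  restart|reload)
    # reload is implemented as a full restart.
    stop
    sleep 5
    start
    ;;

  status)
    status "$PROG"
    RETVAL=$?
    ;;

  *)
    gprintf "Usage: %s {start|stop|restart|status}\n" "$PROG"
    exit 1
    ;;
esac
exit "$RETVAL"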

