#!/bin/sh
# -----------------
PACKAGE_DIR=`dirname "$0"`
PACKAGE_NAME=`basename "$0" .postinst`
PACKAGE_VERSION=`cat ${PACKAGE_DIR}/${PACKAGE_NAME}.control | awk -F': ' '/^Version/{print $2}'`
# -----------------

##======= TIME SETUP =======##
TIMEZONE='GMT-3'
uci set system.@system[0].timezone="$TIMEZONE"

##======= PORTS SETUP =======##
#TCP
#22 - SSH
#80 - HTTP
#102 - 61850 MMS
#161 - SNMP
#443 - HTTPS
#1883 - MQTT
#2404 - IEC 104
#2405 - IEC 104
#2406 - IEC 104
#2407 - IEC 104
#2408 - IEC 104
#4840 - OPC UA
#8081 - TMIUS WEB
#8083 - MQTT SSL

#UDP
#123 - NTP

TCPPORTS='22 80 102 161 443 1883 2404 2405 2406 2407 2408 4840 8081 8883'
UDPPORTS='123'

for port in $TCPPORTS; do
   cfg="$(uci add firewall rule)"
   uci batch << EOF
set firewall.$cfg.name="ACCEPT TCP $port"
set firewall.$cfg.proto="tcp"
set firewall.$cfg.src="wan"
set firewall.$cfg.dest_port="$port"
set firewall.$cfg.target="ACCEPT"
EOF
   uci commit
done

for port in $UDPPORTS; do
    cfg="$(uci add firewall rule)"
    uci batch << EOF
set firewall.$cfg.name="ACCEPT UDP $port"
set firewall.$cfg.proto="udp"
set firewall.$cfg.src="wan"
set firewall.$cfg.dest_port="$port"
set firewall.$cfg.target="ACCEPT"
EOF
    uci commit
done

# net.ipv4.tcp_fin_timeout=30
# net.ipv4.tcp_keepalive_time=30
# net.ipv4.tcp_keepalive_intvl=1
# net.ipv4.tcp_keepalive_probes=5
echo "net.ipv4.tcp_fin_timeout=30" >> /etc/sysctl.conf
echo "net.ipv4.tcp_keepalive_time=30" >> /etc/sysctl.conf
echo "net.ipv4.tcp_keepalive_intvl=1" >> /etc/sysctl.conf
echo "net.ipv4.tcp_keepalive_probes=5" >> /etc/sysctl.conf

model="$(fw_printenv -n board_model)"
mkdir -p /opt/storage/files/tm_cpps
case $model in
    *21*|*22*)
#        mv /tmp/cea/RU21-conf_iRZR2_210317_1439.xml /opt/storage/files/tm_cpps/conf.xml
    ;;
    *25*)
#        mv /tmp/cea/RL25-conf_iRZR2_210317_1139.xml /opt/storage/files/tm_cpps/conf.xml
    ;;
esac

/etc/init.d/sysntpd stop
/etc/init.d/sysntpd disable
mv /tmp/cea/sysntpd.init /etc/init.d/sysntpd 2>/dev/null && \
    chmod +x /etc/init.d/sysntpd
/etc/init.d/sysntpd enable
/etc/init.d/sysntpd start

sysctl -p /etc/sysctl.conf >/dev/null
/etc/init.d/firewall reload &>/dev/null
/etc/init.d/system reload &>/dev/null
