#!/bin/sh

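# Port-forwarding and TOS-marking helper: "start" appends iptables rules,
# "stop" deletes the same rules.
#
# Everything is configured through variables the caller must provide; this
# file assigns none of them except cmdname (rewritten below) and DESTIP (in
# the stop path):
#   cmdname                 name recorded in the UNDO file
#   IFCHANGE, OLDEXTIP      interface-change state
#   EXTIF, EXTIP, DESTIP    external interface/address and forward target
#   UDPINS, TCPINS          space-separated ports or lo:hi ranges to forward
#   TCPLL, UDPLL            source ports marked Minimize-Delay
#   TCPMINCOST, UDPMINCOST  source ports marked Minimize-Cost
#
# The mangle chain "mark-qos" is only appended to, never created here, so it
# must already exist. UNDO is a relative path and is resolved against the
# current working directory.

# Drop the first two bytes of the caller-supplied name.
# NOTE(review): presumably this strips a leading "./" -- confirm with caller.
cmdname=$(printf '%s\n' "$cmdname" | cut -b 3-)

# dnat_port_spec PORT
# iptables --dport writes a range as lo:hi while --to-destination expects
# lo-hi; rewrite the first colon and pass single ports through unchanged.
dnat_port_spec() {
	case "$1" in
		*:*) printf '%s-%s\n' "${1%%:*}" "${1#*:}" ;;
		*) printf '%s\n' "$1" ;;
	esac
}

# forward_ports ACTION PROTO PORTS
# For each port in PORTS, add (-A) or delete (-D) the FORWARD accept rule and
# the matching nat PREROUTING DNAT rule. Every expansion is quoted so that a
# configuration value containing whitespace cannot turn into extra iptables
# arguments; only the port list itself is split on whitespace, on purpose.
forward_ports() {
	_fp_action=$1
	_fp_proto=$2
	for _fp_port in $3; do
		iptables "$_fp_action" FORWARD -i "$EXTIF" -p "$_fp_proto" \
			-d "$DESTIP" --dport "$_fp_port" \
			-m state --state NEW,ESTABLISHED -j ACCEPT
		iptables -t nat "$_fp_action" PREROUTING -i "$EXTIF" \
			-p "$_fp_proto" -d "$EXTIP" --dport "$_fp_port" \
			-j DNAT --to-destination \
			"$DESTIP:$(dnat_port_spec "$_fp_port")"
	done
}

# mark_tos ACTION PROTO TOS PORTS
# Add or delete one mark-qos TOS rule per source port in PORTS.
mark_tos() {
	_mt_action=$1
	_mt_proto=$2
	_mt_tos=$3
	for _mt_port in $4; do
		iptables -t mangle "$_mt_action" mark-qos -p "$_mt_proto" \
			--sport "$_mt_port" -j TOS --set-tos "$_mt_tos"
	done
}

# apply_rules ACTION
# Single definition of the rule set, so that "stop" deletes exactly what
# "start" appended and the two lists cannot drift apart.
apply_rules() {
	forward_ports "$1" UDP "$UDPINS"
	forward_ports "$1" TCP "$TCPINS"
	mark_tos "$1" tcp Minimize-Delay "$TCPLL"
	mark_tos "$1" udp Minimize-Delay "$UDPLL"
	mark_tos "$1" tcp Minimize-Cost "$TCPMINCOST"
	mark_tos "$1" udp Minimize-Cost "$UDPMINCOST"
}

# undo_has NAME
# Succeeds when UNDO holds NAME as a complete line. The comparison is a
# fixed-string, whole-line match: a regex or substring match would let one
# forwarder's name satisfy the check for another and skip its rules.
undo_has() {
	[ -e UNDO ] && grep -Fxq -- "$1" UNDO
}

# undo_remove NAME
# Drop NAME (and blank lines) from UNDO; delete the file once nothing is left.
# NAME is never interpolated into an editor or regex script.
undo_remove() {
	[ -f UNDO ] || return 0
	_ur_rest=$(grep -Fxv -- "$1" UNDO | grep -v '^$')
	if [ -n "$_ur_rest" ]; then
		printf '%s\n' "$_ur_rest" > UNDO
	else
		rm -f UNDO
	fi
}

case "$1" in
	'start')

	# An unset IFCHANGE counts as "no interface change".
	if [ "${IFCHANGE:-0}" -eq 1 ]; then
		echo "Interface change in progress.  Not adding rules."
		exit 0
	fi

	# make forward start idempotent
	# (the previous "&>" redirect is not POSIX: under a strict /bin/sh it
	# backgrounds grep, so $? was always 0 and start never added rules once
	# UNDO existed)
	if undo_has "$cmdname"; then
		echo "Nothing need be done; the rules already exist."
		exit 0
	fi

	printf '%s\n' "$cmdname" >> UNDO

	apply_rules -A
	;;

	'stop')

	# NOTE(review): the DNAT rules match on -d $EXTIP, so after an interface
	# change the installed rules presumably carry the old external address.
	# Overriding DESTIP (the forward target) instead of EXTIP looks
	# unintended; the original behaviour is kept -- confirm against the
	# caller before changing it.
	if [ "${IFCHANGE:-0}" -eq 1 ]; then
		DESTIP="$OLDEXTIP"
	fi

	undo_remove "$cmdname"

	apply_rules -D
	;;

	*)
	printf 'Use %s (start|stop)\n' "$cmdname"
	;;
esac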

