#!/usr/bin/perl -w


use esmith::ConfigDB;
my $config_db = esmith::ConfigDB->open_ro();
my $db_rules = esmith::ConfigDB->open_ro('openvpn-bridge');
my @rules = $db_rules->get_all_by_prop(type => 'rule');
my $netmask = $config_db->get('LocalNetmask')->value;
my $userAuth = ${'openvpn-bridge'}{userAuth};

my $ccd = "/etc/openvpn/bridge/ccd";
unlink <$ccd/*>;

foreach (@rules){
	my $rule = $_->key;
	my $rec_rule = $db_rules->get("$rule");
	my $ip = $rec_rule->prop('ip') || '';
	my $redirectGW = $rec_rule->prop('redirectGW') || 'disabled';
	my $access = $rec_rule->prop('access') || 'allowed';
	unless (open (CCD, ">$ccd/$rule")){
		die "Error opening $ccd/$rule";
	}

	if ($ip ne ''){
		print CCD "--ifconfig-push $ip $netmask\n";
	}
	else{
		print CCD "# No fixed IP defined\n";
	}
	if ($access eq 'denied'){
		print CCD "--disable\n";
	}
	if ($redirectGW eq 'enabled'){
		print CCD "push \"redirect-gateway def1\"\n";
	}
	close CCD;
}