#! /usr/bin/perl

# Compal GmbH (c) 2004
# Licence: GPL
# Author: Bettina Wittke, fwbuilder-routing at compal.de

# add a Routing Element to each firewall if it is necessary (Version >= $FWBVERSION, no Routing Element exists)
# usage: update_fwb.pl firewall_config_files...

# current version of fwbuilder. (to be more precise: this must be the version of the routing capable fwbuilder you downloaded from us.)
$FWBVERSION = '2.0.7';

if ($ARGV[0] eq '-h' || $ARGV[0] eq '--help') {
    print "usage: update_fwb.pl firewall_config_files...\n";
    exit 0;
}

foreach my $fwfile (@ARGV) {
    
    
    # open firewall builder file
    open($fw, "<$fwfile") || die "open $fwfile failed: $!";
    
    $noupdate = 0;
    $firewall = 0;
    $routing = 0;
    $cnt = 100;
    
    $lastline = '';
    $newfw = '';
    
    while ($line = <$fw>) {
     
        if ($noupdate == 1) {
        } else {
     
            if ($line =~ /^<FWObjectDatabase.* version="(\d)\.(\d)\.(\d)"/ ) {
                my $ver1 = $1;
                my $ver2 = $2;
                my $ver3 = $3;

                my ($FW1, $FW2, $FW3) = $FWBVERSION =~ /(\d+)\.(\d+)\.(\d+)/;
                if (($ver1 > $FW1) || ($ver1 == $FW1 && $ver2 > $FW2) || ($ver1 == $FW1 && $ver2 == $FW2 && $ver3 >= $FW3)) {
                    # update fwbuilder file
                    
                    if ($FWBVERSION eq "$ver1.$ver2.$ver3") {
                        # file has version $FWBVERSION
                    } else {
                        # file has version > $FWBVERSION
                        print "the fwbuilder file was created with a higher fwbuilder version as $FWBVERSION!\n" . 
                               "it may happen that the file don't work with our fwbuilder PreRelease.\n\n";
                    }
                    
                    # version must be $FWBVERSION because fwbuilder can't start if version higher than fwbuilder version
                    my $newline = $line;
                    $newline =~ s/ version="\d+\.\d+\.\d+"/ version="$FWBVERSION"/;
                    
                    $newfw .= $newline;
                    $lastline = $newline;
                } else {
                    # no update needet, file version < $FWBVERSION
                    $noupdate = 1;
                }
            } elsif ($line =~ /<Firewall / ) {
                $firewall = 1;
                $newfw .= $line;
                $lastline = $line;
            } elsif ($line =~ /<\/Firewall>/ ) {
                $firewall = 0;
                $newfw .= $line;
                $lastline = $line;
            } elsif ($line =~ /<Interface/ && $lastline =~ /<\/Policy>/ && $firewall == 1) {
                $routing = 1;
                my $newline = $lastline;
                $cnt ++;
                my $routing = "<Routing id=\"id$cnt-routing\"/>";
                $newline =~ s/<\/Policy>/$routing/;
                $newfw .= $newline;
                $newfw .= $line;
                $lastline = $line;
            } else {
                $newfw .= $line;
                $lastline = $line;
            }
            

        }
    }
    close $fw;
    
   if ($noupdate == 1) {
        print "no update needet for file '$fwfile', since version < $FWBVERSION\n";
    } elsif ($routing == 0 ) {
        print "no update needet for file '$fwfile', the element Routing already exists!\n";
    } elsif ($routing == 1) {
    
        # backup old fwbuilder file
        my $backupfile = $fwfile . ".bak";
        rename $fwfile,$backupfile;
        
        # write new fwbuilder file
        open($fw, ">$fwfile") || die "open $fwfile failed: $!";
        print $fw $newfw;
        close $fw;
    
        print "file $fwfile updated; old version $backupfile\n";
    } else {
    	die "internal error";
    }

}