#!/bin/bash

# Fixed search path, so the tools used below resolve the same way no matter
# which environment the script is started from.
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games


# UBUNTU is "1" when lsb_release mentions Ubuntu and empty otherwise
# (including when lsb_release is missing).
UBUNTU=""
if lsb_release -a 2>/dev/null | grep -qi "Ubuntu"
then
  UBUNTU="1"
fi

# Local cache of the destination list used to build the NAT rules.
# NOTE(review): this is a fixed name in world-writable /tmp. If the script
# runs as root (it drives iptables), a directory only root can write to
# would be a safer home for the cache.
MASQ_DOMAINS_FILE=/tmp/vc19_masq_domains

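# Maintains the NAT rules that let two ranges of terminals on eth0's network
# reach a short list of destinations through the eth0:1 address.
# Usage: <script> [init]   ("init" forces removal of the earlier rules first).
# Runs only when lsb_release identified the host as Ubuntu.
if [ -n "$UBUNTU" ]
then

  # Last-octet bounds of the two terminal source ranges: the first range and
  # the range used by DHCP-configured devices.
  TERM3G_MIN=60
  TERM3G_MAX=76
  TERM3G_DHCP_MIN=160
  TERM3G_DHCP_MAX=176

  # NOTE(review): the list is fetched over plain HTTP with no integrity check,
  # and its entries decide which destinations the terminal ranges may reach
  # through SNAT, so anyone able to alter the response can widen that set.
  # Port 443 to the same host is already allowed below; switching to https or
  # verifying a signature needs confirming with whoever runs the server.
  MASQ_DOMAINS_URL=http://vps.spintec.com/e3g_services/covid/vc19_masq_domains

  # Addresses are parsed from the "inet addr:" form of ifconfig output.
  MASQ_IP_ADDR=$(ifconfig eth0:1 | grep 'inet addr' | cut -d':' -f2 | cut -d' ' -f1)
  LOCAL_NET_BASE=$(ifconfig eth0 | grep 'inet addr' | cut -d':' -f2 | cut -d'.' -f1-3)
  EURO3G_IP_ADDR=$(ifconfig eth0 | grep 'inet addr' | cut -d':' -f2 | cut -d' ' -f1)

  # An ifconfig that prints another format, or a missing interface, leaves
  # these empty and every rule below malformed; say so instead of failing
  # silently behind the 2>/dev/null of the rule checks.
  if [ -z "$MASQ_IP_ADDR" ] || [ -z "$LOCAL_NET_BASE" ] || [ -z "$EURO3G_IP_ADDR" ]
  then
    echo "$0: could not parse an address for eth0 / eth0:1 from ifconfig; NAT rules cannot be built correctly" >&2
  fi

  TERM3G_RANGE="$LOCAL_NET_BASE.$TERM3G_MIN-$LOCAL_NET_BASE.$TERM3G_MAX"
  TERM3G_DHCP_RANGE="$LOCAL_NET_BASE.$TERM3G_DHCP_MIN-$LOCAL_NET_BASE.$TERM3G_DHCP_MAX"

  # Insert a nat-table rule unless an identical one is already present.
  # Arguments: chain name followed by the rule specification.
  ensure_nat_rule() {
    iptables -t nat -C "$@" 2>/dev/null || iptables -t nat -I "$@"
  }

  # SNAT traffic from a source range to one destination/port via MASQ_IP_ADDR.
  # Arguments: $1 source range, $2 protocol ("udp"; anything else is handled
  #            as tcp, as before), $3 destination, $4 destination port.
  ensure_snat_rule() {
    if [ "$2" = "udp" ]
    then
      ensure_nat_rule POSTROUTING -m iprange --src-range "$1" -p udp -d "$3" --dport "$4" -j SNAT --to-source "$MASQ_IP_ADDR"
    else
      ensure_nat_rule POSTROUTING -m iprange --src-range "$1" -p tcp -m tcp -d "$3" --dport "$4" -j SNAT --to-source "$MASQ_IP_ADDR"
    fi
  }

  # Download the destination list into the cache file.
  # The data goes to a private mktemp file first and is renamed into place,
  # so the write never follows a link planted at the fixed /tmp name and a
  # half-finished transfer is never read as the list.
  # Returns: 0 when a non-empty list was stored, 1 otherwise.
  refresh_masq_domains() {
    local tmp_file
    tmp_file=$(mktemp "$MASQ_DOMAINS_FILE.XXXXXX") || return 1
    if wget -qO "$tmp_file" "$MASQ_DOMAINS_URL" > /dev/null 2>&1 && [ -s "$tmp_file" ]
    then
      # mktemp creates the file 0600; presumably the cache used to be
      # world-readable under the default umask - TODO confirm nothing else
      # needs a different mode.
      chmod 644 "$tmp_file"
      mv -fT -- "$tmp_file" "$MASQ_DOMAINS_FILE" && return 0
    fi
    # As before, a failed or empty download leaves no cache behind: the next
    # run retries and the cleanup branch below removes the earlier rules.
    rm -f -- "$tmp_file" "$MASQ_DOMAINS_FILE"
    return 1
  }

  # The cache name is predictable, so accept an existing file only when it is
  # a regular file owned by the user running this script; a symlink or a file
  # created by someone else is discarded and fetched again.
  if [ -e "$MASQ_DOMAINS_FILE" ] || [ -L "$MASQ_DOMAINS_FILE" ]
  then
    if [ -L "$MASQ_DOMAINS_FILE" ] || [ ! -f "$MASQ_DOMAINS_FILE" ] || [ ! -O "$MASQ_DOMAINS_FILE" ]
    then
      rm -f -- "$MASQ_DOMAINS_FILE"
    fi
  fi

  # Refresh the list when it is missing or more than an hour old.
  if [ ! -f "$MASQ_DOMAINS_FILE" ] || [ $(( $(date +%s) - $(date -r "$MASQ_DOMAINS_FILE" +%s) )) -gt 3600 ]
  then
    refresh_masq_domains
  fi

  # An empty list counts as no list. Testing the size rather than the line
  # count keeps a single entry that lacks a trailing newline.
  if [ -f "$MASQ_DOMAINS_FILE" ] && [ ! -s "$MASQ_DOMAINS_FILE" ]
  then
    rm -f -- "$MASQ_DOMAINS_FILE"
  fi


  # Clean any previous nat rules for term3g.
  # NOTE(review): only rules of the first range are removed here; rules for
  # the DHCP range are never deleted, so entries for addresses that dropped
  # out of the list stay in place - confirm whether that is intended.
  if [ "$1" = "init" ] || [ ! -f "$MASQ_DOMAINS_FILE" ]
  then

    sleep 10
    # grep -F matches the range literally (the dots are not wildcards);
    # read -a splits each saved rule into words without glob expansion.
    iptables-save -t nat \
      | grep -F -- "-m iprange --src-range $TERM3G_RANGE" \
      | sed 's/^-A /-D /' \
      | while read -r -a rule_args
        do
          iptables -t nat "${rule_args[@]}"
        done
  fi


  # Allow access to 8.8.8.8 and vps.spintec.com, first range and then the
  # same for DHCP configured devices.
  for src_range in "$TERM3G_RANGE" "$TERM3G_DHCP_RANGE"
  do
    ensure_snat_rule "$src_range" udp 8.8.8.8 443
    ensure_snat_rule "$src_range" udp 8.8.8.8 53
    ensure_snat_rule "$src_range" tcp vps.spintec.com 80
    ensure_snat_rule "$src_range" tcp vps.spintec.com 443
    ensure_snat_rule "$src_range" tcp vps.spintec.com 25
  done

  # Forward DNS requests made to Euro3G to 8.8.8.8, for both ranges.
  for src_range in "$TERM3G_RANGE" "$TERM3G_DHCP_RANGE"
  do
    ensure_nat_rule PREROUTING -p udp -d "$EURO3G_IP_ADDR" --dport 53 -m iprange --src-range "$src_range" -j DNAT --to 8.8.8.8:53
  done


  # One list entry per line: "<name> <port> <proto>". Each name is resolved
  # through 8.8.8.8 and every answer gets an SNAT rule for both ranges.
  if [ -f "$MASQ_DOMAINS_FILE" ]
  then
    while read -r masq_dst masq_port masq_proto masq_extra || [ -n "$masq_dst" ]
    do
      # The list is remote data: skip entries that are incomplete, that begin
      # with "-" (would be read as an option), or that carry characters
      # outside a plain name / port, which also keeps "+opt" and "@server"
      # tokens away from dig.
      case "$masq_dst" in
        ''|-*|*[!A-Za-z0-9._-]*) continue ;;
      esac
      case "$masq_port" in
        ''|-*|*[!A-Za-z0-9:_-]*) continue ;;
      esac
      [ -n "$masq_proto" ] || continue

      # stdin is detached so dig cannot consume the rest of the list.
      dig +short "$masq_dst" @8.8.8.8 < /dev/null | while read -r final_dst
      do
        # Drop anything that is not a bare address or name, e.g. the
        # ";; ..." diagnostic lines dig prints when the lookup fails.
        case "$final_dst" in
          ''|-*|*[!A-Za-z0-9._-]*) continue ;;
        esac
        for src_range in "$TERM3G_RANGE" "$TERM3G_DHCP_RANGE"
        do
          ensure_snat_rule "$src_range" "$masq_proto" "$final_dst" "$masq_port"
        done
      done
    done < "$MASQ_DOMAINS_FILE"
  fi

  # Routing between the terminals and the outside needs IPv4 forwarding.
  echo 1 > /proc/sys/net/ipv4/ip_forward

fi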
