#!/bin/sh /etc/rc.common
# Copyright (C) 2008 OpenWrt.org
# Copyright (C) 2016 devolo AG
START=50

USE_PROCD=1
PROG="/usr/sbin/snmpd"
LOG="/usr/bin/logger"

CONFIGFILE="/var/run/snmpd.conf"
USERFILE="/usr/lib/snmp/snmpd.conf"
disabled="0"

snmpd_agent_add() {
        local cfg="$1"
        config_get agentaddress "$cfg" agentaddress
        [ -n "$agentaddress" ] || return 0
        echo "agentaddress $agentaddress" >> $CONFIGFILE
        # add each UDP agent as UDP6 agent too
        [ "${agentaddress:0:4}" = "UDP:" ] || return 0
        echo "agentaddress UDP6:${agentaddress:4}" >>$CONFIGFILE
}

get_snmpd_agent_disabled() {
        local cfg="$1"
        config_get disabled "$cfg" disabled
        [ -n "$disabled" ] || disabled="0" && return 0
        disabled="$disabled"
}

snmpd_system_add() {
        local cfg="$1"
        config_get syslocation "$cfg" sysLocation
        [ -n "$syslocation" ] && echo "sysLocation $syslocation" >> $CONFIGFILE
        config_get syscontact "$cfg" sysContact
        [ -n "$syscontact" ] && echo "sysContact $syscontact" >> $CONFIGFILE
        config_get sysname "$cfg" sysName
        [ -n "$sysname" ] && echo "sysName $sysname" >> $CONFIGFILE
        config_get sysservice "$cfg" sysService
        [ -n "$sysservice" ] && echo "sysService $sysservice" >> $CONFIGFILE
        config_get sysdescr "$cfg" sysDescr
        [ -n "$sysdescr" ] && echo "sysDescr $sysdescr" >> $CONFIGFILE
        config_get sysobjectid "$cfg" sysObjectID
        [ -n "$sysobjectid" ] && echo "sysObjectID $sysobjectid" >> $CONFIGFILE
}

snmpd_com2sec_add() {
        local cfg="$1"
        config_get secname "$cfg" secname
        [ -n "$secname" ] || return 0
        config_get source "$cfg" source
        [ -n "$source" ] || return 0
        config_get community "$cfg" community
        [ -n "$community" ] || return 0
        echo "com2sec $secname $source $community" >> $CONFIGFILE
}

snmpd_com2sec6_add() {
        local cfg="$1"
        config_get secname "$cfg" secname
        [ -n "$secname" ] || return 0
        config_get source "$cfg" source
        [ -n "$source" ] || return 0
        config_get community "$cfg" community
        [ -n "$community" ] || return 0
        echo "com2sec6 $secname $source $community" >> $CONFIGFILE
}

snmpd_group_add() {
        local cfg="$1"
        config_get group "$cfg" group
        [ -n "$group" ] || return 0
        config_get version "$cfg" version
        [ -n "$version" ] || return 0
        config_get secname "$cfg" secname
        [ -n "$secname" ] || return 0
        echo "group $group $version $secname" >> $CONFIGFILE
}

snmpd_view_add() {
        local cfg="$1"
        config_get viewname "$cfg" viewname
        [ -n "$viewname" ] || return 0
        config_get type "$cfg" type
        [ -n "$type" ] || return 0
        config_get oid "$cfg" oid
        [ -n "$oid" ] || return 0
        # optional mask
        config_get mask "$cfg" mask
        echo "view $viewname $type $oid $mask" >> $CONFIGFILE
}

snmpd_access_add() {
        local cfg="$1"
        config_get group "$cfg" group
        [ -n "$group" ] || return 0
        config_get context "$cfg" context
        [ -n $context ] || return 0
        [ "$context" == "none" ] && context='""'
        config_get version "$cfg" version
        [ -n "$version" ] || return 0
        config_get level "$cfg" level
        [ -n "$level" ] || return 0
        config_get prefix "$cfg" prefix
        [ -n "$prefix" ] || return 0
        config_get read "$cfg" read
        [ -n "$read" ] || return 0
        config_get write "$cfg" write
        [ -n "$write" ] || return 0
        config_get notify "$cfg" notify
        [ -n "$notify" ] || return 0
        echo "access $group $context $version $level $prefix $read $write $notify" >> $CONFIGFILE
        #save access level for upcoming user_add
        access_level="$level"
}

snmpd_user_add() {
        [ -n "$access_level" ] || return 0
        local cfg="$1"
        config_get name "$cfg" name
        [ -n "$name" ] || return 0
        config_get access "$cfg" access
        [ -n "$access" ] || return 0
        config_get authpass "$cfg" authpass
        config_get authtype "$cfg" authtype
        config_get secpass "$cfg" secpass
        config_get sectype "$cfg" sectype
        if [ -z "$authpass" ] ; then
                authtype=""
                sectype=""
        elif [ -z "$secpass" ] ; then
                sectype=""
        fi
        [ -n "$authpass" ] && [ -z "$authtype" ] && return 0
        [ -n "$secpass" ] && [ -z "$sectype" ] && return 0
        args=
        [ -n "$authpass" ] && args="$args $authtype \"$authpass\""
        [ -n "$secpass" ] && args="$args $sectype \"$secpass\""
        local ro="-ro"
        rm -rf /usr/share/snmp/snmpd.conf
        if [ "$access" != "ro" ]; then
            $LOG "snmpd: access rw not available, ro only"
            #ro=""
            #echo "rwuser $name $access_level" >> $CONFIGFILE
        else
            echo "rouser $name $access_level" >> $CONFIGFILE
        fi
        #do not add, replace
        echo "createUser $name $args" > $USERFILE
}

snmpd_pass_add() {
        local cfg="$1"
        local pass='pass'

        config_get miboid "$cfg" miboid
        [ -n "$miboid" ] || return 0
        config_get prog "$cfg" prog
        [ -n "$prog" ] || return 0
        config_get_bool persist "$cfg" persist 0
        [ $persist -ne 0 ] && pass='pass_persist'
        config_get priority "$cfg" priority
        priority=${priority:+-p $priority}
        echo "$pass $priority $miboid $prog" >> $CONFIGFILE
}

snmpd_exec_add() {
        local cfg="$1"

        config_get name "$cfg" name
        [ -n "$name" ] || return 0
        config_get prog "$cfg" prog
        [ -n "$prog" ] || return 0
        config_get args "$cfg" args
        config_get miboid "$cfg" miboid
        echo "exec $miboid $name $prog $args" >> $CONFIGFILE
}

snmpd_disk_add() {
        local cfg="$1"
        local disk='disk'

        config_get partition "$cfg" partition
        [ -n "$partition" ] || return 0
        config_get size "$cfg" size
        [ -n "$size" ] || return 0
        echo "$disk $partition $size" >> $CONFIGFILE
}

service_triggers()
{
        procd_add_reload_trigger snmpd
}


start_service() {
        [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE"
        [ -f "$USERFILE" ] && rm -f "$USERFILE"

        config_load snmpd
        #assume only one
        config_foreach get_snmpd_agent_disabled agent
        if [ "$disabled" = "0" ]; then
            config_foreach snmpd_agent_add agent
            config_foreach snmpd_system_add system
            config_foreach snmpd_com2sec_add com2sec
            # add each com2sec section as com2sec6 too but ignore explicit com2sec6 sections!
            config_foreach snmpd_com2sec6_add com2sec
            config_foreach snmpd_group_add group
            config_foreach snmpd_view_add view
            config_foreach snmpd_access_add access
            # user add must be executed after access_add!
            config_foreach snmpd_user_add userv3
            config_foreach snmpd_pass_add pass
            config_foreach snmpd_exec_add exec
            config_foreach snmpd_disk_add disk

            procd_open_instance

            procd_set_param command $PROG -Lf /dev/null -f
            procd_set_param file $CONFIGFILE
            procd_set_param respawn

            for iface in $(ls /sys/class/net 2>/dev/null); do
                    procd_append_param netdev "$iface"
            done

            procd_close_instance
        else
            $LOG "SNMP agent disabled"
        fi
}

stop_service() {
        [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE"
        [ -f "$USERFILE" ] && rm -f "$USERFILE"
}

reload_service() {
       stop
       start
}