#!/usr/bin/perl

use strict;

use gateway_lib;

use IO::File;

use Getopt::Long;

my $ssh_pubkey;
my $ssh_privkey;
my $active;
my $tunnelip;
my $peer;
my $fedkit_dir= "/usr/local/federation";
my $perl = "/usr/bin/perl";
my $iface_file = "/var/emulab/boot/ifmap";
my $ssh = "/usr/bin/ssh";
my $seer;
my $ssh_port = 22;
my @ports;
my $use_file;

my %opts = (
    'ssh_pubkey=s' => \$ssh_pubkey,
    'ssh_privkey=s' => \$ssh_privkey,
    'tunnelip' => \$tunnelip,
    'peer=s' => \$peer,
    'fedkit=s' => \$fedkit_dir,
    'perl=s' => \$perl,
    'interfaces=s' => \$iface_file,
    'ssh=s' => \$ssh,
    'port=s' => \@ports,
    'active' => \$active, 
    'ssh_port=s' => \$ssh_port,
    'use_file' => \$use_file,
    'seer' => \$seer,
);

exit(20) unless GetOptions(%opts);

if ($use_file) {
    gateway_lib::read_config(gateway_lib::config_filename(), \%opts)
}

my $tunnelparam = $tunnelip ? '--tunnelip' : '';

# Private keys need to have restrictive permissions
chmod(0600, $ssh_privkey);
if ($active) {
    my $portparam = join(" --port=", @ports);

    # join doesn't prefix the first one
    $portparam="--port=$portparam" if $portparam;

    system("$perl -I$fedkit_dir/lib $fedkit_dir/bin/active_config.pl " .
	"--peer=$peer --ssh_pubkey=$ssh_pubkey --ssh_privkey=$ssh_privkey " .
	" $tunnelparam --fedkit=$fedkit_dir --perl=$perl " .
	"--ssh_port=$ssh_port --ssh=$ssh --interfaces=$iface_file");
    exit(20) if $?;

    system("$perl -I$fedkit_dir/lib $fedkit_dir/bin/port_forward.pl " .
	"--peer=$peer --ssh_pubkey=$ssh_pubkey --ssh_privkey=$ssh_privkey " .
	" $tunnelparam --fedkit=$fedkit_dir --perl=$perl " .
	"--ssh=$ssh --ssh_port=$ssh_port $portparam");
    exit(20) if $?;

    if ($seer ) {
	system("$perl -I$fedkit_dir/lib $fedkit_dir/bin/start_seer.pl " .
	    "--peer=$peer --seer --fedkit=$fedkit_dir --perl=$perl " .
	    "--ssh=$ssh --ssh_privkey=$ssh_privkey");
	exit(20) if $?;
    }

}
else {
    system("$perl -I$fedkit_dir/lib $fedkit_dir/bin/prep_gateway.pl " . 
	"--peer=$peer --ssh_pubkey=$ssh_pubkey $tunnelparam");
    exit(20) if $?;
}

=pod

=head1 NAME

B<combo_active.pl> - Do both the active configuration of a connectiveity gateway and service port forwarding.

=head1 OPTIONS

=over 8

=item B<fedkit=>I<install_dir>

Directory in which this software is installed.  Generally not needed.

=item B<interfaces=>I<interface table>

A list of interfaces to forward data on of the form:

=begin text

iface ip_addr

=end text

The interface is the operating system name of the interface and the IP address
is given in standard dotted decimal notation.  Other characters on a line are
ignored.

=item B<peer=>I<hostname>

The other gateway providing forwarding.

=item B<perl=>I<perl_binary>
 
Location of the perl binary.  Usually unneeded.

=item B<port=>I<port_spec>

Forward the given port.  The port is specified as 
for B<port_forward.pl>

=item B<ssh=>I<ssh_binary>

The pathname of the ssh binary.  Unusally unnecessary.

=item B<ssh_pubkey=>I<keyfile>

A public to install as authorized.

=item B<ssh_privkey=>I<identity_file>

The identity to use for remote access

=item B<tunnelip>

True if the testbed uses the DETER tunnelip extension to provide external
connectivity information

=item B<use_file>

If given read additional parameters from the file in
/proj/I<project>/exp/I<experiment/tmp/I<hostname>.gw/conf where those are the
current testbed project and experiment and the hostname is before the first
dot.  The file is option: value.

=back

=head1 SYNOPSIS

Call B<active_config.pl> and B<port_forward.pl> with the relevant parameters.


=head1 AUTHORS

Ted Faber <faber@isi.edu>

=cut