#!/bin/bash
#
##
# Advanced Policy Firewall (APF) v1.7.6
#             (C) 2002-2016, R-fx Networks <proj@rfxn.com>
#             (C) 2016, Ryan MacDonald <ryan@rfxn.com>
# This program may be freely redistributed under the terms of the GNU GPL v2
##
#
INSTALL_PATH=${INSTALL_PATH:-"/etc/apf"}
DEF=${DEF:-".ca.def"}
DOUT=${DOUT:-".conf.apf"}

if [ -d "$INSTALL_PATH.bk.last" ]; then
# get all the vars from current release
. $INSTALL_PATH/conf.apf
# replace with any vars old release had
egrep -v '^\.' $INSTALL_PATH.bk.last/conf.apf > nosource.conf.apf
. nosource.conf.apf
rm nosource.conf.apf

old=`cat $INSTALL_PATH.bk.last/VERSION | awk '{print$2}' | sed 's/-/ /' | awk '{print$1}'`
if [ "$old" = "0.9.5" ] ; then
DEVEL_MODE="$DEVM"
INSTALL_PATH="$FWPATH"
IFACE_IN="${IF}"
IFACE_OUT="$IF"
IFACE_TRUSTED="$TIF"
SET_VNET="$EN_VNET"
SET_MONOKERN="$MONOKERN"
VF_LGATE="$LGATE_MAC"
TOS_DEF="$DEF_TOS"
ALL_STOP="$DSTOP"
BLK_PORTS="$CDPORTS"
LOG_APF="$IPTLOG"
LOG_LGATE="$LGATE_LOG"
LOG_DROP="$DROP_LOG"
LOG_EXT="$EXLOG"
LOG_RATE="$LRATE"
fi

if ! [ -z $IFACE_IN ]; then
    IFACE_UNTRUSTED=$IFACE_IN
fi

# generate new conf
. $DEF

cp -f $INSTALL_PATH/conf.apf $INSTALL_PATH/conf.apf.orig

egrep -A 1000 '^\. \$CNFINT$' /etc/apf.bk.last/conf.apf | egrep -v '^\. \$CNFINT$' >> $DOUT

cp -f $DOUT $INSTALL_PATH/conf.apf
cp -f $INSTALL_PATH.bk.last/*_hosts.rules /etc/apf/ 2> /dev/null
cp -f $INSTALL_PATH.bk.last/vnet/*.rules /etc/apf/vnet/ 2> /dev/null

OV=`cat $INSTALL_PATH.bk.last/VERSION | awk '{print$2}'`
NV=`cat $INSTALL_PATH/VERSION | awk '{print$2}'`
        echo "  Imported options from $OV to $NV."
fi
