#!/bin/sh
# based on static.sh
# Copyright (C) 2020 Tong Zhang<ztong0001@gmail.com>
#

. /lib/nft-qos/core.sh

qosdef_validate_mac() {
	uci_load_validate nft-qos default "$1" "$2" \
		'limit_mac_enable:bool:0'
}

# append rule for mac qos
qosdef_append_rule_mac() { # <section> <operator>
	local macaddr unit rate
	local operator=$2

	config_get macaddr $1 macaddr
	if [ "$operator" = "saddr" ]; then
		config_get unit $1 urunit
		config_get rate $1 urate
	else
		config_get unit $1 drunit
		config_get rate $1 drate
	fi

	[ -z "$macaddr" ] && return

	qosdef_append_rule_mac_limit $macaddr $operator $unit $rate
}

# append chain for mac qos
qosdef_append_chain_mac() { # <hook> <name> <section>
	local hook=$1 name=$2
	local config=$3 operator

	case "$name" in
		download) operator="daddr";;
		upload) operator="saddr";;
	esac

	qosdef_appendx "\tchain $name {\n"
	qosdef_append_chain_def filter $hook 0 accept
	config_foreach qosdef_append_rule_mac $config $operator
	qosdef_appendx "\t}\n"
}

qosdef_flush_mac() {
	if [ -n "$NFT_QOS_HAS_BRIDGE" ]; then
		qosdef_flush_table bridge nft-qos-mac
	else
		qosdef_flush_table "$NFT_QOS_INET_FAMILY" nft-qos-mac
	fi
}

# limit rate by mac address init
qosdef_init_mac() {
	local hook_ul="prerouting" hook_dl="postrouting"

	[ "$2" = 0 ] || {
		logger -t nft-qos-mac "validation failed"
		return 1
	}

	[ $limit_mac_enable -eq 0 ] && return 1

	table_name=$NFT_QOS_INET_FAMILY
	if [ -z "$NFT_QOS_HAS_BRIDGE" ]; then
		hook_ul="postrouting"
		hook_dl="prerouting"
	else
		table_name="bridge"
	fi

	qosdef_appendx "table $table_name nft-qos-mac {\n"
	qosdef_append_chain_mac $hook_ul upload client
	qosdef_append_chain_mac $hook_dl download client
	qosdef_appendx "}\n"
}