#!/bin/bash

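# Message catalogue bash consults to translate the $"..." strings below.
TEXTDOMAINDIR=/usr/share/locale
TEXTDOMAIN=astra-safepolicy

# Requested action: enable, disable, status or is-enabled.
mode=$1

# Every action below changes or queries firewall state, so refuse to run
# without root privileges.
if [ "$UID" != "0" ]; then
	echo $"You must be root to run this script"
	exit 1
fi

# NOTE(review): ufw, systemctl and head are resolved through the caller's PATH
# while this script runs as root - confirm that callers invoke it with a
# trusted PATH (for example sudo's secure_path).
#
# `command -v` is a shell builtin with a well-defined exit status, so the
# check no longer depends on an unquoted `which` substitution inside `[ ]`.
if ! command -v ufw > /dev/null 2>&1; then
	# A "status" query still gets its state keyword before the error text.
	if [ "$mode" = "status" ]; then
		echo $"INACTIVE"
	fi
	echo $"UFW not found"
	exit 1
fi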

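#######################################
# Point ufw at a private temporary directory under root's home.
# Creates ~/.ufw-tmp, applies to it whatever pdpl-file reports for
# /etc/ufw/ufw.conf (when it reports anything) and exports TMPDIR.
# NOTE(review): presumably this keeps files that ufw stages in TMPDIR under
# the same label as its configuration - confirm against pdpl-file's docs.
# Globals:   TMPDIR (written, exported)
# Arguments: none
# Returns:   0 (status of the final export)
#######################################
workaround()
{
	local label

	# -p: a directory left behind by an interrupted run is reused quietly
	# instead of producing a "File exists" error on every later call.
	mkdir -p ~/.ufw-tmp
	# Keep the staging directory private to root even under a permissive umask.
	chmod 700 ~/.ufw-tmp

	label=$(/usr/sbin/pdpl-file /etc/ufw/ufw.conf 2> /dev/null)
	# NOTE(review): $label is deliberately kept unquoted here and below. If
	# pdpl-file prints more than one word, quoting would change the arguments
	# passed to the second call - confirm its output format before tightening.
	# shellcheck disable=SC2086
	if ! [ -z $label ]; then
		/usr/sbin/pdpl-file $label ~/.ufw-tmp
	fi
	export TMPDIR=~/.ufw-tmp
}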

# Delete the ~/.ufw-tmp directory that workaround() points TMPDIR at,
# together with anything left inside it. A missing directory is not an error.
workaround_cleanup() {
	rm -r -f -- ~/.ufw-tmp
}

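# Dispatch on the requested action. Exit status: 0 on success (or when ufw is
# active for status/is-enabled), non-zero otherwise.
case "$mode" in
	enable)
		# Refuse to enable ufw while firewalld is set to start at boot.
		# NOTE(review): this only looks at the "enabled" unit state; a
		# firewalld that is running but not enabled passes this check.
		firewalld=$(systemctl is-enabled firewalld 2> /dev/null)
		if [ "$firewalld" = "enabled" ]; then
			echo $"firewalld is already enabled, disable it before enabling ufw"
			exit 1
		fi
		workaround
		# NOTE(review): ufw may ask for confirmation on stdin when it
		# detects an SSH session - confirm how non-interactive callers
		# are expected to handle that.
		ufw enable
		# Keep ufw's own status so a failed enable is not reported as
		# success after the cleanup step.
		rc=$?
		workaround_cleanup
		exit "$rc"
		;;
	disable)
		workaround
		ufw disable
		rc=$?
		workaround_cleanup
		exit "$rc"
		;;
	status | is-enabled)
		# The comparison below expects the untranslated banner, so run ufw
		# with a fixed locale; otherwise a translated first line would make
		# an active firewall be reported as inactive.
		first_line=$(LANGUAGE=C LC_ALL=C ufw status | head -n1)
		if [ "$first_line" = "Status: active" ]; then
			if [ "$mode" = "status" ]; then
				echo $"ACTIVE"
			else
				echo $"ENABLED"
			fi
			exit 0
		else
			if [ "$mode" = "status" ]; then
				echo $"INACTIVE"
			else
				echo $"DISABLED"
			fi
			exit 1
		fi
		;;
	*)
		echo $"Usage: $0 <enable/disable/status/is-enabled>"
		exit 1
		;;
esac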
