#!/bin/sh

uci -q batch <<-EOF >/dev/null
	delete firewall.ipsecd
	commit firewall
EOF

uci -q batch <<-EOF >/dev/null
	delete network.VPN
	set network.VPN=interface
	set network.VPN.device="ipsec0"
	set network.VPN.proto="static"
	set network.VPN.ipaddr="192.168.0.1"
	set network.VPN.netmask="255.255.255.0"
	commit network

	delete firewall.ike
	add firewall rule
	rename firewall.@rule[-1]="ike"
	set firewall.@rule[-1].name="ike"
	set firewall.@rule[-1].target="ACCEPT"
	set firewall.@rule[-1].src="wan"
	set firewall.@rule[-1].proto="udp"
	set firewall.@rule[-1].dest_port="500"

	delete firewall.ipsec
	add firewall rule
	rename firewall.@rule[-1]="ipsec"
	set firewall.@rule[-1].name="ipsec"
	set firewall.@rule[-1].target="ACCEPT"
	set firewall.@rule[-1].src="wan"
	set firewall.@rule[-1].proto="udp"
	set firewall.@rule[-1].dest_port="4500"

	delete firewall.ah
	add firewall rule
	rename firewall.@rule[-1]="ah"
	set firewall.@rule[-1].name="ah"
	set firewall.@rule[-1].target="ACCEPT"
	set firewall.@rule[-1].src="wan"
	set firewall.@rule[-1].proto="ah"

	delete firewall.esp
	add firewall rule
	rename firewall.@rule[-1]="esp"
	set firewall.@rule[-1].name="esp"
	set firewall.@rule[-1].target="ACCEPT"
	set firewall.@rule[-1].src="wan"
	set firewall.@rule[-1].proto="esp"

	delete firewall.VPN
	set firewall.VPN=zone
	set firewall.VPN.name="VPN"
	set firewall.VPN.input="ACCEPT"
	set firewall.VPN.forward="ACCEPT"
	set firewall.VPN.output="ACCEPT"
	set firewall.VPN.network="VPN"

	delete firewall.vpn
	set firewall.vpn=forwarding
	set firewall.vpn.name="vpn"
	set firewall.vpn.dest="wan"
	set firewall.vpn.src="VPN"

	commit firewall
EOF

[ -f "/etc/config/ipsec" ] && mv "/etc/config/ipsec" "/etc/config/ipsec-vpnd"

rm -f /tmp/luci-indexcache
exit 0
