#!/usr/local/bin/cbsd
#v9.2.2
MYARG="jname"
MYOPTARG="mode"
MYDESC="Collect IPFW count for jail if availeble\n"
ADDHELP="jname = alljails for cyclic collect via all online jails\n\
mode = nozero - skip for ipfw zero for counters\n\
mode = remove - remove counters after collect info\n"


. ${subr}

init $*

getalljails()
{
	# select only active jail and not VMs
	cbsdsql local "SELECT jname FROM jails WHERE emulator != 'bhyve' AND status=1" |while read jname; do
		fwinit
		insert
	done
}

# prepare dir by $jname
fwinit()
{
	TRAFDIR="${jailsysdir}/${jname}/traffic"
	[ ! -d "${TRAFDIR}" ] && mkdir -p ${TRAFDIR} && chown $cbsduser:$cbsduser ${TRAFDIR}
	CURDATE=$( date "+%Y-%m" )
	TRAFFILE="${TRAFDIR}/${CURDATE}.sqlite"

	if [ ! -f "${TRAFFILE}" ]; then
		/usr/local/bin/cbsd ${miscdir}/updatesql ${TRAFFILE} ${distdir}/share/local-fwcounters.schema traffic
		chown $cbsduser:$cbsduser ${TRAFFILE}
	fi
}

checkjail()
{
	A=$( cbsdsql local select status from jails where jname=\"$jname\" )
	[ "${A}" = "1" ] && return 1
	return 0
}


insert()
{
	[ ! -f "${ftmpdir}/${jname}-fwin" -o ! -f "${ftmpdir}/${jname}-fwout" ] && return 0

	FWIN=$( /bin/cat ${ftmpdir}/${jname}-fwin 2>/dev/null )
	FWOUT=$( /bin/cat ${ftmpdir}/${jname}-fwout 2>/dev/null )

	### FWIN
	BIN=$( /sbin/ipfw show ${FWIN} 2>/dev/null | /usr/bin/awk '/count /{print $3"\n"}' 2>/dev/null )
	INCODE=$?

	### FWOUT
	BOUT=$( /sbin/ipfw show ${FWOUT} 2>/dev/null | /usr/bin/awk '/count /{print $3"\n"}' 2>/dev/null )
	OUTCODE=$?

	if [ ${INCODE} -eq 0 -a ${OUTCODE} -eq 0 ]; then
		# do not insert when counters is zero
		if [ ${BIN} -ne 0 -a ${BOUT} -ne 0 ]; then
			[ "${mode}" != "nozero" ] && /sbin/ipfw -q zero ${FWIN} ${FWOUT} 2>/dev/null
			[ -f "${TRAFFILE}" ] && ${miscdir}/sqlcli ${TRAFFILE} "INSERT INTO traffic ( incoming, outgoing ) VALUES ( \"${BIN}\" , \"${BOUT}\" )"
		fi
	fi

	if [ "${mode}" = "remove" ]; then
		/sbin/ipfw -q delete ${FWIN} ${FWOUT}
		rm -f "${ftmpdir}/${jname}-fwout" "${ftmpdir}/${jname}-fwin"
	fi
}



#MAIN
[ ${ipfw_enable} -eq 0 -a -z "$( sysctl -n net.inet.ip.fw.enable 2>/dev/null )" ] && exit 0

case "${jname}" in
	"alljails")
		getalljails
		;;
	*)
		if ! checkjail; then
			fwinit
			insert
		fi
		;;
esac
