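#!/bin/sh
#
# a simple script to check if there was smb traffic since the last test
#
# you may want to adjust the function "filter_ipt_rules" according to your setup
#
# any parameters are ignored
#
# this script has to run as root - as it invokes iptables
#
# exit status:
#	0 - no smb packets were counted since the last run (idle)
#	1 - there was traffic, no matching rule exists or the counters
#	    could not be read
#
# side effect: the packet/byte counters of the whole INPUT chain are reset
#
# possible deployment in crontab:
#	smb_timeout.sh && (/etc/init.d/samba stop; umount /mnt/crypto)
#
# the iptables rules you need to detect smb traffic could look like the following:
#	iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT
#	iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT
#
# called by:
#	- TODO: this script is not in use, yet
#

set -eu

# parse config file
# the file is executed by this (root) shell - keep it owned and writable by
# root only
. /etc/cryptobox/cryptobox.conf

filter_ipt_rules()
# get the input rules for smb traffic (udp/138 and tcp/139, as in the example
# rules above)
# any arguments are passed on to iptables (count_traffic uses this for "-Z")
# returns non-zero if no rule matched (or if iptables printed nothing)
{
	iptables -L INPUT -vnx "$@" | grep -E "udp dpt:138|tcp dpt:139"
}

count_traffic()
# print the sum of the packet counters of all matching rules and reset the
# counters of the INPUT chain
# returns non-zero (and prints nothing) if no rule could be read
{
	# list and zero in a single iptables call: iptables documents "-L"
	# combined with "-Z" as an atomic list-and-zero, so packets arriving
	# between a separate "list" and "zero" cannot get lost (a lost packet
	# would make the share look idle and get it unmounted while in use)
	rules=$(filter_ipt_rules -Z INPUT) || return 1
	# with "-vnx" the first column of every rule line is the exact packet count
	printf '%s\n' "$rules" | awk '{ sum += $1 } END { printf "%d\n", sum }'
}

# config test
if [ -z "$(filter_ipt_rules)" ]; then
	echo "[${0##*/}]: Could not find a matching iptables rule!" >&2
	exit 1
fi

# never report "idle" if the counters could not be read
traffic=$(count_traffic) || {
	echo "[${0##*/}]: Could not read the iptables counters!" >&2
	exit 1
}

# return true if it was idle
if [ "$traffic" -eq 0 ]; then
	exit 0
fi
exit 1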