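#!/bin/sh
#
# racoon phase 1 "down" hook for a VPN client connection: removes the
# firewall rules, the IPsec SAs and the tunnel-internal address that belong
# to the connection being closed.
#
# Environment read (not set in this file; presumably exported by racoon for
# the hook -- confirm against the racoon configuration):
#   REMOTE_ADDR         address of the VPN server
#   INTERNAL_ADDR4      IPv4 address used locally for the tunnel
#   SPLIT_INCLUDE_CIDR  server-pushed network(s) reached through the tunnel
#
# These values originate from the remote peer, and this script runs commands
# that change firewall, SA and address state. They are therefore expanded
# only inside double quotes, so a value can never split into extra arguments
# or be expanded as a glob. Whether manage_fw / manage_sa validate the
# address syntax is not visible here -- TODO confirm in
# /etc/racoon/functions.sh.
#
# Exit status: 1 when no split-include network was pushed or when the device
# carrying the route to the server cannot be determined; otherwise the status
# of the final "ip address del".

# Kept as a variable (and deliberately expanded unquoted below) so that it
# splits into "logger -t TAG". It is set before the helpers are sourced;
# they may use $log themselves -- not visible here.
log="logger -t p1client-down[$$]"

. /lib/functions.sh
. /etc/racoon/functions.sh

if [ -z "$SPLIT_INCLUDE_CIDR" ]; then
	$log "Connection without server-pushed routing is not supported"
	exit 1
fi

$log "Shutting down tunnel to server $REMOTE_ADDR"
$log "Closing tunnel(-s) to $SPLIT_INCLUDE_CIDR through $INTERNAL_ADDR4"

# Zone names come from the "racoon" UCI config, defaulting to lan / wan.
config_load racoon
config_get confIntZone racoon int_zone lan
config_get confExtZone racoon ext_zone wan

# The internal address and the pushed network(s) are passed as ONE argument,
# exactly as before.
manage_fw del "$confIntZone" "$confExtZone" "$INTERNAL_ADDR4 $SPLIT_INCLUDE_CIDR"

data=$(get_zoneiflist "$confIntZone")
if [ -n "$data" ]; then
	# $data is a whitespace-separated interface list: splitting is intended.
	for item in $data; do
		# Clear the result first so a failed lookup cannot reuse the subnet
		# found for the previous interface.
		locnet=
		network_get_subnet locnet "$item"
		if [ -n "$locnet" ]; then
			manage_sa del "$locnet" "$SPLIT_INCLUDE_CIDR" "$REMOTE_ADDR" "$INTERNAL_ADDR4"
		else
			$log "Can not find subnet on interface $item"
		fi
	done
else
	$log "Can not find subnets in zone $confIntZone"
fi

# Look up the device that carries the route to the server. $data still holds
# the zone interface list at this point, so it is cleared first: if the
# lookup stores nothing, the address removal must not run against a stale
# interface name.
data=
get_fieldval data dev "$(/usr/sbin/ip route get "$REMOTE_ADDR")"
if [ -z "$data" ]; then
	$log "Can not find device for route to $REMOTE_ADDR, address $INTERNAL_ADDR4 not removed"
	exit 1
fi

# Same absolute path as the route lookup above, so both calls run the same
# binary regardless of the PATH the hook is started with.
/usr/sbin/ip address del "$INTERNAL_ADDR4/32" dev "$data"

# EOF /etc/racoon/p1client-down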