#!/bin/bash
# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :

[ -n "$1" ] || exit

. /lib/functions.sh

basename="$(basename $0)"

if [ -e /usr/sbin/iptables-nft ]; then
	IPTABLES="/usr/sbin/iptables-nft"
	IPTABLESSAVE="/usr/sbin/iptables-nft-save"
else
	IPTABLES="/usr/sbin/iptables"
	IPTABLESSAVE="/usr/sbin/iptables-save"
fi

export OMR_TRACKER_STATUS
export OMR_TRACKER_PREV_STATUS
export OMR_TRACKER_STATUS_MSG



_log() {
	logger -p daemon.info -t "${basename}" "$@"
}

_post_tracking() {
	[ -d /usr/share/omr/ss-post-tracking.d ] && {
		for tracker_bin in /usr/share/omr/ss-post-tracking.d/*; do
			[ -x "$tracker_bin" ] && (
				_log() {
					logger -t "ss-post-tracking-${tracker_bin##*/}" "$*"
				}
				. "$tracker_bin" 2>&1
			)
		done
	}
	[ -d /usr/share/omr/proxy-post-tracking.d ] && {
		for tracker_bin in /usr/share/omr/proxy-post-tracking.d/*; do
			[ -x "$tracker_bin" ] && (
				_log() {
					logger -t "proxy-post-tracking-${tracker_bin##*/}" "$*"
				}
				. "$tracker_bin" 2>&1
			)
		done
	}
}

_ping_server() {
	local host=$1
	ret=$(ping \
	    -w "$OMR_TRACKER_TIMEOUT" \
	    -c 1 \
	    -q \
	    "${host}" 2>&1
	) && echo "$ret" | grep -sq " 0% packet loss" && {
		server_ping=true
	}
}

_get_ip() {
	uci -q set openmptcprouter.omr=router
	if [ "$(uci -q get openmptcprouter.settings.external_check)" != "0" ]; then
		check_ipv4_website="$(uci -q get openmptcprouter.settings.check_ipv4_website)"
		[ -z "$check_ipv4_website" ] && check_ipv4_website="http://ip.openmptcprouter.com"
		check_ipv6_website="$(uci -q get openmptcprouter.settings.check_ipv6_website)"
		[ -z "$check_ipv6_website" ] && check_ipv6_website="http://ipv6.openmptcprouter.com"
		public_ipv4="$(curl -s -4 -m 3 $check_ipv4_website)"
		uci -q set openmptcprouter.omr.detected_public_ipv4="${public_ipv4}"
		[ -n "$public_ipv4" ] && {
			uci -q set upnpd.config.external_ip="${public_ipv4}"
			uci -q commit upnpd
		}
		if [ "$(uci -q get openmptcprouter.omr.shadowsocks)" != "down" ]; then
			uci -q set openmptcprouter.omr.detected_ss_ipv4="$(curl -s -4 --socks5 "${proxy}" --max-time 3 $check_ipv4_website)"
		else
			uci -q del openmptcprouter.omr.detected_ss_ipv4
		fi
		if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "1" ]; then
			uci -q set openmptcprouter.omr.detected_public_ipv6="$(curl -s -6 -m 3 $check_ipv6_website)"
		else
			uci -q del openmptcprouter.omr.detected_public_ipv6
		#	uci -q set openmptcprouter.omr.detected_ss_ipv6=$(curl -s -6 --socks5 ":::1111" --max-time 3 http://ip.openmptcprouter.com)
		fi
	fi
	uci -q commit openmptcprouter
}

timeout=${OMR_TRACKER_TIMEOUT:-5}
interval=${OMR_TRACKER_INTERVAL:-10}
retry=${OMR_TRACKER_TRIES:-4}
proxy=${OMR_TRACKER_PROXY:-127.0.0.1:1111}
hosts=${OMR_TRACKER_HOSTS:-1.1.1.1 1.0.0.1}
#hosts6=${OMR_TRACKER_HOSTS6}
wait_test=${OMR_TRACKER_WAIT_TEST:-0}
server=${OMR_TRACKER_SERVER:-sss0}
type=${OMR_TRACKER_SS_TYPE:-libev}
#nodns=0

last=0
nocontact=""
uci -q set openmptcprouter.omr=router
uci -q delete openmptcprouter.omr.shadowsocks=""
_get_ip

OMR_TRACKER_PREV_STATUS=""

while true; do
	host="${hosts%% *}"
	[ "$host" = "$hosts" ] || {
		hosts="${hosts#* } $host"
	}
	#if [ -n "$host6" ]; then
	#	host6="${hosts6%% *}"
	#	[ "$host6" = "$hosts6" ] || {
	#		hosts6="${hosts6#* } $host6"
	#	}
	#fi
	#if [ "$(curl -s -I -w %{http_code} --socks5 "${proxy}" --max-time "${timeout}" "$host" -o /dev/null)" != "000" ] || [ "$(curl -s -I -w %{http_code} --socks5 "${proxy}" --max-time "${timeout}" "$host6" -o /dev/null)" != "000" ]; then
	if [ "$(curl -s -I -w %{http_code} --socks5 "${proxy}" --max-time "${timeout}" "$host" -o /dev/null)" != "000" ]; then
		nocontact=""
		[ "${last}" -ge "${retry}" ] || [ "$(uci -q get openmptcprouter.omr.ss_${server})" != "up" ] && {
			_log "Shadowsocks $type ${server} is up (can contact via http ${host})"
			OMR_TRACKER_STATUS_MSG="Shadowsocks $type ${server} is up (can contact via http ${host})"
			uci -q set openmptcprouter.omr.ss_${server}="up"
			uci -q commit openmptcprouter.omr
			if [ "$type" = "libev" ]; then
				_remove_rule() {
					[ "$(uci -q get shadowsocks-libev.$1.server)" != "$2" ] && return
					uci -q set shadowsocks-libev.$1.disabled=0
				}
				config_load shadowsocks-libev
				config_foreach _remove_rule ss_redir ${server}
				uci -q commit shadowsocks-libev
			fi
			if [ "$type" = "rust" ]; then
				_remove_rule() {
					[ "$(uci -q get shadowsocks-rust.$1.server)" != "$2" ] && return
					uci -q set shadowsocks-rust.$1.disabled=0
				}
				config_load shadowsocks-rust
				config_foreach _remove_rule ss_redir ${server}
				uci -q commit shadowsocks-rust
			fi
			[ "$type" = "libev" ] && /etc/init.d/shadowsocks-libev rules_reset 2> /dev/null
			[ "$type" = "rust" ] && /etc/init.d/shadowsocks-rust rules_reset 2> /dev/null
			#[ "$type" = "libev" ] && /etc/init.d/shadowsocks-libev rules_up 2> /dev/null
			#[ "$type" = "rust" ] && /etc/init.d/shadowsocks-rust rules_up 2> /dev/null

			mail_alert="$(uci -q get omr-tracker.proxy.mail_alert)"
			#[ -z "$mail_alert" ] && mail_alert="$(uci -q get omr-tracker.defaults.mail_alert)"
			[ "$mail_alert" = "1" ] && [ -n "$(uci -q get mail.default.to)" ] && {
				OMR_SYSNAME="$(uci -q get system.@system[0].hostname)"
				if [ "$(uci -q get omr-tracker.defaults.mail_up_subject)" != "" ] && [ "$(uci -q get omr-tracker.defaults.mail_up_message)" != "" ]; then
					mail_subject="$(uci -q get omr-tracker.defaults.mail_up_subject)"
					mail_subject=`echo $mail_subject | sed -e "s/%SYSNAME%/$OMR_SYSNAME/g" -e "s/%INTERFACE%/Shadowsocks Proxy/g" -e "s/%DEVICE%/Shadowsocks Proxy/g" -e "s/%MESSAGE%/$OMR_TRACKER_STATUS_MSG/g"`
					mail_message="$(uci -q get omr-tracker.defaults.mail_up_message)"
					mail_message=`echo $mail_message | sed -e "s/%SYSNAME%/$OMR_SYSNAME/g" -e "s/%INTERFACE%/Shadowsocks Proxy/g" -e "s/%DEVICE%/Shadowsocks Proxy/g" -e "s/%MESSAGE%/$OMR_TRACKER_STATUS_MSG/g"`
					echo -e "Subject: ${mail_subject}\n\n${mail_message}" | sendmail $(uci -q get mail.default.to)
				else
					echo -e "Subject: $OMR_SYSNAME: Shadowsocks Proxy is UP." | sendmail $(uci -q get mail.default.to)
				fi
			}
			script_alert_up="$(uci -q get omr-tracker.proxy.script_alert_up)"
			[ -n "$script_alert_up" ] && eval $script_alert_up
			_get_ip
		}
		if [ -z "$($IPTABLESSAVE 2>/dev/null | grep :ssr)" ] && [ -z "$(nft list ruleset 2>/dev/null | grep 'goto ss_rules_forward_tcp')" ]; then
			if [ "$type" = "libev" ] && [ "$(uci -q get shadowsocks-libev.ss_rules.disabled)" != "1" ] && [ "$(uci -q get shadowsocks-libev.${server}.key)" != "" ] && [ "$(uci -q get shadowsocks-libev.${server}.server)" != "" ] && [ "$(uci -q get shadowsocks-libev.${server}.disabled)" != "1" ]; then
				_log "Reload Shadowsocks rules"
				/etc/init.d/shadowsocks-libev rules_up 2> /dev/null
				if [ "$(/etc/init.d/shadowsocks-libev rules_exist; echo $?)" -ne 0 ] ; then
					_log "Rules still not set, restart Shadowsocks"
					/etc/init.d/shadowsocks-libev restart >/dev/null 2>&1
				fi
				_get_ip
			elif [ "$type" = "rust" ] && [ "$(uci -q get shadowsocks-rust.ss_rules.disabled)" != "1" ] && [ "$(uci -q get shadowsocks-rust.${server}.password)" != "" ] && [ "$(uci -q get shadowsocks-rust.${server}.server)" != "" ] && [ "$(uci -q get shadowsocks-rust.${server}.disabled)" != "1" ]; then
				_log "Reload Shadowsocks Rust rules"
				/etc/init.d/shadowsocks-rust rules_up 2> /dev/null
				if [ "$(/etc/init.d/shadowsocks-rust rules_exist; echo $?)" -ne 0 ] ; then
					_log "Rules still not set, restart Shadowsocks-Rust"
					/etc/init.d/shadowsocks-rust restart >/dev/null 2>&1
				fi
				_get_ip
			fi
		fi
		[ "$(uci -q get openmptcprouter.omr.detected_public_ipv4)" = "" ] || { [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "1" ] && [ "$(uci -q get openmptcprouter.omr.detected_public_ipv6)" = "" ]; } && _get_ip
		last=0
		OMR_TRACKER_STATUS="OK"
	else
		last=$((last + 1 ))
		[ -z "$nocontact" ] && nocontact="$host" || nocontact="$nocontact, $host"
		if [ "$type" = "libev" ]; then
			serverip="$(uci -q get shadowsocks-libev.${server}.server)"
			disabled="$(uci -q get shadowsocks-libev.${server}.disabled)"
		elif [ "$type" = "rust" ]; then
			serverip="$(uci -q get shadowsocks-rust.${server}.server)"
			disabled="$(uci -q get shadowsocks-rust.${server}.disabled)"
			config_foreach shadowsocks-rust ${server}
		fi
		ssredir=0
		if [ "$type" = "libev" ]; then
			_remove_rule() {
				[ "$(uci -q get shadowsocks-libev.$1.server)" = "$2" ] && ssredir=$((ssredir + 1))
			}
			config_foreach _remove_rule ss_redir ${server}
			uci -q commit shadowsocks-libev
		fi
		if [ "$type" = "rust" ]; then
			_remove_rule() {
				[ "$(uci -q get shadowsocks-rust.$1.server)" = "$2" ] && ssredir=$((ssredir + 1))
			}
			config_foreach _remove_rule ss_redir ${server}
			uci -q commit shadowsocks-rust
		fi

		[ "${last}" -ge "${retry}" ] && [ "$ssredir" -ge 1 ] && {
			#if [ "$OMR_TRACKER_PREV_STATUS" != "ERROR" ] && { [ -n "$($IPTABLES -w -t nat -L -n 2>/dev/null | grep ssr)" ] || [ -n "$(nft list ruleset 2>/dev/null | grep ss_r)" ] || [ -n "$(nft list ruleset 2>/dev/null | grep ssr_r)" ]; }; then
			if [ -n "$(nft list ruleset | grep $serverip)" ] && [ -n "$(nft list ruleset 2>/dev/null | grep 'goto ss_rules_forward_tcp')" ]; then
				_log "Shadowsocks $type ${server} is down (can't contact via http ${nocontact})"
				OMR_TRACKER_STATUS_MSG="Shadowsocks $type ${server} is down (can't contact via http ${nocontact})"
				uci -q set openmptcprouter.omr.ss_${server}="down"
				uci -q commit openmptcprouter.omr

#				if [ "$(nft list ruleset | grep 'tcp redirect to :' | wc -l)" = "1" ] || [ "$type" = "libev" ]; then
#				#if [ -z "$(uci show openmptcprouter.omr | grep ss_ | grep up)" ]; then
#					[ "$type" = "libev" ] && /etc/init.d/shadowsocks-libev rules_down 2> /dev/null
#					[ "$type" = "rust" ] && /etc/init.d/shadowsocks-rust rules_down 2> /dev/null
#				#fi
#				else
				if [ "$type" = "libev" ]; then
					_remove_rule() {
						[ "$(uci -q get shadowsocks-libev.$1.server)" != "$2" ] && return
						uci -q set shadowsocks-libev.$1.disabled=1
					}
					config_foreach _remove_rule ss_redir ${server}
					uci -q commit shadowsocks-libev
				fi
				if [ "$type" = "rust" ]; then
					_remove_rule() {
						[ "$(uci -q get shadowsocks-rust.$1.server)" != "$2" ] && return
						uci -q set shadowsocks-rust.$1.disabled=1
					}
					config_foreach _remove_rule ss_redir ${server}
					uci -q commit shadowsocks-rust
				fi
#				[ "$type" = "libev" ] && /etc/init.d/shadowsocks-libev reload 2> /dev/null
#				[ "$type" = "rust" ] && /etc/init.d/shadowsocks-rust reload 2> /dev/null
				[ "$type" = "libev" ] && /etc/init.d/shadowsocks-libev rules_reset 2> /dev/null
				[ "$type" = "rust" ] && /etc/init.d/shadowsocks-rust rules_reset 2> /dev/null
				_get_ip
				server_ping=false
				_ping_server $serverip
				if [ "$server_ping" = false ]; then
					_log "Server $server ($serverip) seems down, no answer to ping"
					OMR_TRACKER_STATUS_MSG="${OMR_TRACKER_STATUS_MSG} - Server $server ($serverip) seems down, no answer to ping"
				fi
				mail_alert="$(uci -q get omr-tracker.proxy.mail_alert)"
				#[ -z "$mail_alert" ] && mail_alert="$(uci -q get omr-tracker.defaults.mail_alert)"
				[ "$mail_alert" = "1" ] && [ -n "$(uci -q get mail.default.to)" ] && {
					OMR_SYSNAME="$(uci -q get system.@system[0].hostname)"
					if [ "$(uci -q get omr-tracker.defaults.mail_down_subject)" != "" ] && [ "$(uci -q get omr-tracker.defaults.mail_down_message)" != "" ]; then
						mail_subject="$(uci -q get omr-tracker.defaults.mail_down_subject)"
						mail_subject=`echo $mail_subject | sed -e "s/%SYSNAME%/$OMR_SYSNAME/g" -e "s/%INTERFACE%/Shadowsocks Proxy/g" -e "s/%DEVICE%/Shadowsocks Proxy/g" -e "s/%MESSAGE%/$OMR_TRACKER_STATUS_MSG/g"`
						mail_message="$(uci -q get omr-tracker.defaults.mail_down_message)"
						mail_message=`echo $mail_message | sed -e "s/%SYSNAME%/$OMR_SYSNAME/g" -e "s/%INTERFACE%/Shadowsocks Proxy/g" -e "s/%DEVICE%/Shadowsocks Proxy/g" -e "s/%MESSAGE%/$OMR_TRACKER_STATUS_MSG/g"`
						echo -e "Subject: ${mail_subject}\n\n${mail_message}" | sendmail $(uci -q get mail.default.to)
					else
						echo -e "Subject: $OMR_SYSNAME: Shadowsocks Proxy is down\n\nConnection failure of ShadowSocks proxy detected. The reason is \"$OMR_TRACKER_STATUS_MSG\"." | sendmail $(uci -q get mail.default.to)
					fi
				}
				script_alert_down="$(uci -q get omr-tracker.proxy.script_alert_down)"
				[ -n "$script_alert_down" ] && eval $script_alert_down
				if [ "$disabled" != "1" ] && [ "$serverip" != "1" ]; then
					if [ "$type" = "libev" ] && [ "$(pgrep ss-redir)" = "" ] && [ "$(uci -q get shadowsocks-libev.${server}.key)" != "" ]; then
						_log "Can't find shadowsocks, restart it..."
						/etc/init.d/shadowsocks-libev restart
						sleep 5
					fi
					if [ "$type" = "rust" ] && [ "$(pgrep sslocal)" = "" ] && [ "$(uci -q get shadowsocks-rust.${server}.password)" != "" ]; then
						_log "Can't find shadowsocks rust, restart it..."
						/etc/init.d/shadowsocks-rust restart
						sleep 5
					fi
				fi
				sleep $wait_test
				OMR_TRACKER_STATUS="ERROR"
			fi
		}
	fi
	_post_tracking
	OMR_TRACKER_PREV_STATUS="$OMR_TRACKER_STATUS"
	sleep "${interval}"
done
