#!/usr/bin/lua

local site = require 'gluon.site_config'
local uci = require 'luci.model.uci'
local ip = require 'luci.ip'

local c = uci.cursor()


c:delete('network', 'local_node_dev')
c:section('network', 'device', 'local_node_dev',
	  {
		  name = 'local-node',
		  ifname = 'br-client',
		  type = 'macvlan',
		  macaddr = site.next_node.mac,
	  }
)

c:delete('network', 'local_node')
c:section('network', 'interface', 'local_node',
	  {
		  ifname = 'local-node',
		  proto = 'static',
		  ipaddr = site.next_node.ip4,
		  netmask = '255.255.255.255',
		  ip6addr = site.next_node.ip6 .. '/128',
	  }
)

local prefix4 = ip.IPv4(site.prefix4)
c:delete('network', 'local_node_route4')
c:section('network', 'route', 'local_node_route4',
	  {
		  interface = 'client',
		  target = prefix4:network():string(),
		  netmask = prefix4:mask():string(),
		  gateway = '0.0.0.0',
	  }
)

c:delete('network', 'local_node_route6')
c:section('network', 'route6', 'local_node_route6',
	  {
		  interface = 'client',
		  target = site.prefix6,
		  gateway = '::',
	  }
)

c:save('network')
c:commit('network')

c:delete('firewall', 'local_node')
c:section('firewall', 'zone', 'local_node',
	  {
		  name = 'local_node',
		  network = {'local_node'},
		  input = 'ACCEPT',
		  output = 'ACCEPT',
		  forward = 'REJECT',
	  }
)
c:save('firewall')
c:commit('firewall')