#!/bin/sh -e
. /etc/splash.sh

# acquire lock
exec 666<$chain_id_file
flock -x 666

# check for current inetable state, allowing a command line override
if have_splash_iptable $1; then
    # remove old entries from splash p2ptbl
    p2ptbl filter $tbl \
	awk '{ if ($2 > '$(date +%s)') print $0 }'

    # create new iptables chain from splash p2ptbl and replace the old
    # chain with the new one; this ensures that a user stays splashed
    # during the runtime of this script
    chain_id=$(($chain_id + 1))
    chain=$chain_prefix$chain_id
    iptables -t nat -N $chain
    iptables -t nat -I prerouting_inet_splashed -j $chain
    echo $chain_id > $chain_id_file
    p2ptbl show $tbl \
	| while read mac rest; do
	    add_splash_iptable "$mac"
        done
    while iptables -t nat -D prerouting_inet_splashed 2 &>/dev/null; do :; done
else
    # no working gw -> remove reference to iptable copy of splash db
    iptables -t nat -F prerouting_inet_splashed
fi

# remove old splash_db chains
for i in $(iptables -t nat -L | grep ^Chain | grep '0 references' \
         | cut -f2 -d' ' | grep ^splash_db); do
    iptables -t nat -F $i
    iptables -t nat -X $i
done