#!/bin/sh
#
# ovpn-linkdown
#
# part of pfSense (https://www.pfsense.org)
# Copyright (c) 2004-2013 BSD Perimeter
# Copyright (c) 2013-2016 Electric Sheep Fencing
# Copyright (c) 2014-2021 Rubicon Communications, LLC (Netgate)
# All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

/sbin/pfctl -i $1 -Fs
/bin/rm -f /var/etc/searchdomain_$1
/bin/rm -f /tmp/$1_router
/bin/rm -f /tmp/$1_routerv6
/bin/rm -f /tmp/$1up
/usr/local/sbin/pfSctl -c 'filter reload'

if [ -f "/var/etc/nameserver_${1}" -o -f "/var/etc/nameserver_v6${1}" ]; then
	if [ -f "/var/etc/nameserver_${1}" ]; then
		for nameserver in `cat /var/etc/nameserver_${1}`; do
			/sbin/route -q delete -inet -host ${nameserver} -iface ${1} >/dev/null 2>&1
		done
	fi
	/bin/rm -f /var/etc/nameserver_$1
	if [ -f "/var/etc/nameserver_v6${1}" ]; then
		for nameserver in `cat /var/etc/nameserver_v6${1}`; do
			/sbin/route -q delete -inet6 -host ${nameserver} -iface ${1} >/dev/null 2>&1
		done
	fi
	/bin/rm -f /var/etc/nameserver_v6$1
	if pgrep -q -a -F /var/run/unbound.pid unbound >/dev/null 2>&1; then
		/usr/local/sbin/pfSsh.php playback svc restart unbound
	elif pgrep -q -a -F /var/run/dnsmasq.pid unbound >/dev/null 2>&1; then
		/usr/local/sbin/pfSsh.php playback svc restart dnsmasq
	fi
fi
