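#!/bin/sh
#
# Marta Carbone
# Copyright (C) 2009 Universita` di Pisa
# $Id$
#
# This script parses the ipfw rules
# and removes the old ones.
#
# The ipfw output is parsed and each time
# value stored as comment is compared against
# the current time.
# If the time value is older than current,
# the rules and related pipes will be deleted.
#
# $Id$

# Use one absolute path for every ipfw invocation. The original mixed
# "/sbin/ipfw" with a bare "ipfw" resolved through PATH, so the listing and
# the pipe deletion depended on the caller's environment.
IPFW=/sbin/ipfw
RULE_LIST="${IPFW} show"

# Get $NOW referred to UTC
NOW=$(date -u +%s)

# check for module existence
# Test the pipeline status directly: the original compared "$?" with "==",
# which is not a POSIX test operator and makes the check a no-op on shells
# such as dash. The grep output is discarded; only its status is needed.
if ! /sbin/lsmod | grep ipfw >/dev/null; then
  echo "ipfw module does not exist"
  exit 0
fi

# RULE_LIST is expanded unquoted on purpose: it holds a command plus argument.
# "now" and "ipfw" are passed with -v so they are defined for the whole awk
# program, including BEGIN.
${RULE_LIST} | awk -v now="${NOW}" -v ipfw="${IPFW}" '
BEGIN {
  # Same banner the original printed (its "now" and "a" were empty in BEGIN).
  print "Start to clean rules ";
  cleaned = 0;
}

# delete rules and pipes
# rule_id is only ever passed after the numeric check in the main body,
# so the string handed to system() contains nothing but digits and the
# fixed command text.
function delete_rule(rule_id) {
  command = ipfw " delete " rule_id "; " ipfw " pipe delete " rule_id;
  system(command);
}

# awk main body: lines carrying a "// <digits>" comment
/\/\/ [0-9]+/ {
  # select timeout string
  # NOTE(review): field 13 is taken to be the expiry time stored in the
  # rule comment; this depends on the exact shape of the rules. Confirm
  # against whatever installs them.
  timeout = $13;

  # Skip anything that is not a plain number. With an empty or non-numeric
  # field 13 awk falls back to string comparison, and "now > timeout" would
  # be true for an empty field, deleting a firewall rule that never carried
  # an expiry time.
  if ($1 !~ /^[0-9]+$/ || timeout !~ /^[0-9]+$/)
    next;

  # Force a numeric comparison.
  if (now + 0 > timeout + 0) {
    delete_rule($1);
    cleaned++;
  }
}

END {
  print " " cleaned " rules cleaned";
}
'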