#!/bin/sh

# Traffic we want to intercept - really
# ought to be just the public IP ranges
# of the local Omni.
#
# sis0 range.
APRANGE=172.17.174.65/28

# Definition of WLeiden destinations.
#
WLNET=172.16.0.0/12

# Proxy to direct to.
#
PROXYNAME=proxy.wleiden.net
PROXYPORT=3128

# No user servicable parts beyond this line.
#

# Local port to use
IFACE=127.0.0.1
TRANSPROXYPORT=8081
# TRANSPROXYLOG="/var/log/tproxy.log"	# Must be writable by the uid/gid we run as.

# Redirect anything from our omni-accesspoint range
# which does not have a local destination, and travels
# on port 80 to the proxy.
#
ipfw add 10010 fwd \
	"$IFACE","$TRANSPROXYPORT"  \
	tcp from $APRANGE to not $WLNET 80 >/dev/null

# Check if a log file is required.
#
if [ -n "$TRANSPROXYLOG" ]; then
	CMD="$CMD -l $TRANSPROXYLOG"
fi

/usr/local/sbin/tproxy \
		-s $TRANSPROXYPORT -b $IFACE \
		-d -a $APRANGE \
		-p \
		$PROXYNAME $PROXYPORT

# Remove rule once we are done.
ipfw delete 10010 >/dev/null

exit 0