#!/usr/bin/lua

local sysconfig = require 'gluon.sysconfig'
local util = require 'gluon.util'

local uci = require('simple-uci').cursor()


local interfaces = util.get_role_interfaces(uci, 'client', true)
util.add_to_set(interfaces, 'local-port')

uci:section('network', 'interface', 'client', {
	type = 'bridge',
	ifname = interfaces,
	proto = 'none',
	auto = true,
	ipv6 = false,
	macaddr = sysconfig.primary_mac,
	igmp_snooping = true,
	multicast_querier = true,
	ra_holdoff = 30,
})

uci:save('network')

uci:section('firewall', 'zone', 'drop', {
	name = 'drop',
	network = {'client'},
	input = 'DROP',
	output = 'DROP',
	forward = 'DROP',
})

local networks = uci:get_list('firewall', 'loc_client', 'network')
util.add_to_set(networks, 'local_node')
uci:set_list('firewall', 'loc_client', 'network', networks)


local dnsmasq = uci:get_first('dhcp', 'dnsmasq')
uci:set('dhcp', dnsmasq, 'boguspriv', false)
uci:set('dhcp', dnsmasq, 'localise_queries', false)
uci:set('dhcp', dnsmasq, 'rebind_protection', false)

uci:section('dhcp', 'dhcp', 'local_client', {
	interface = 'client',
	ignore = true,
})

uci:save('dhcp')
uci:save('firewall')