#!/bin/bash

# Root check
[[ "$(id -u)" -ne 0 ]] && { echo "This script must be run as superuser"; exit 1; }

set_proxy() {
  if [ -n "$http_proxy" ]; then
    echo "Proxy is set for git & wget via $http_proxy"
  else
    export http_proxy="http://192.168.49.1:8000" https_proxy="$http_proxy" ftp_proxy="$http_proxy" no_proxy="localhost,127.0.0.1,.localhost"
    # set http proxy for git
    git config --global http.proxy $http_proxy ; git config --global https.proxy $http_proxy
    # set http proxy for wget
    sed -i -e '85s/.*/http-proxy=http:\/\/192\.168\.49\.1:8000/' -e '86s/.*/https-proxy=http:\/\/192\.168\.49\.1:8000/' -e '87s/.*/ftp-proxy=http:\/\/192\.168\.49\.1:8000/' -e '90s/.*/use_proxy=on/' /etc/wgetrc
    set_proxy
  fi
}

set_pkgman_proxy() {
if command -v apt > /dev/null 2>&1; then
  # set http proxy for apt and apt-get
  rm /etc/apt/apt.conf.d/proxy.conf
  touch /etc/apt/apt.conf.d/proxy.conf
  echo 'Acquire{HTTP::proxy "http://192.168.49.1:8000";HTTPS::proxy "http://192.168.49.1:8000";}' > /etc/apt/apt.conf.d/proxy.conf
  echo "Package manager apt is now behind proxy"
elif command -v pacman > /dev/null 2>&1; then
  echo "Package manager pacman is now behind proxy"
else
  echo "Package manager not detected."
fi
}

exec_tunnel() {
  # Tunnel interface setup
  ip tuntap add mode tun dev tun0 > /dev/null 2>&1
  ip addr add 192.168.1.1/24 dev tun0 > /dev/null 2>&1
  ip link set dev tun0 up > /dev/null 2>&1
  ip route del default > /dev/null 2>&1
  ip route add default via 192.168.1.1 dev tun0 metric 1 > /dev/null 2>&1
  ip route add default via 192.168.49.1 dev wlan0 metric 10 > /dev/null 2>&1
  # Disable rp_filter to receive packets from other interfaces
  sysctl -w net.ipv4.conf.all.rp_filter=0 > /dev/null 2>&1
  # Create a configuration file for HevSocks5Tunnel
cat << EOF > config.yml
tunnel:
  name: tun0
  mtu: 8500
  ipv4: 192.168.1.1
socks5:
  address: 192.168.49.1
  port: 8000
  udp: tcp
misc:
  log-level: info
EOF
  echo -e "socks5 tunnel initiated on interface: tun0\n"
  # Run HevSocks5Tunnel
  ./hev-socks5-tunnel-linux-$ARCH config.yml
}

cleanup() {
  echo -e "\ncleaning up..."
  # unset proxy variables
  unset {http,https,ftp,no}_proxy
  # unset proxy for git
  git config --global --unset http.proxy ; git config --global --unset https.proxy
  # unset proxy for wget
  sed -i -e '85s/.*/#http-proxy=http:\/\/192\.168\.49\.1:8000/' \
         -e '86s/.*/#https-proxy=http:\/\/192\.168\.49\.1:8000/' \
         -e '87s/.*/#ftp-proxy=http:\/\/192\.168\.49\.1:8000/' \
         -e '90s/.*/#use_proxy=on/' /etc/wgetrc
  rm -fr config.yml
}

init() {
  if [ -f "./hev-socks5-tunnel-linux-$ARCH" ]; then
    set_proxy ; set_pkgman_proxy ; exec_tunnel
  else
    URL="https://github.com/heiher/hev-socks5-tunnel/releases/download/2.7.5/hev-socks5-tunnel-linux-$ARCH"
    wget -e use_proxy=yes -e https_proxy=http://192.168.49.1:8000 -P ./ $URL
    chmod +x ./hev-socks5-tunnel-linux-$ARCH ; init
  fi
}

detect_arch() {
  ARCH="$(uname -m)"
  case "$ARCH" in
    x86_64) echo -e "\n64-bit architecture detected"; init;;
    i686|i386) echo -e "\n32-bit architecture detected"; init;;
    arm64|aarch64) echo -e "\nArm64 architecture detected"; init;;
    *) echo -e "\nUnknown architecture: $ARCH"; exit 1;;
  esac
  cleanup
}
detect_arch
exit 0