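#!/bin/sh
#
# SYNterloper - A Lightweight Connection Logger
#
# This is a self-contained script for installing and uninstalling the
# SYNterloper connection logging service.
#
# Usage for installation:
#   sudo ./synterloper.sh
#   sudo ./synterloper.sh install
#
# Usage for uninstallation:
#   sudo /usr/local/sbin/synterloper uninstall
#
# NOTE(review): this listing was recovered from a copy in which every line
# break was collapsed and three spans were lost: the body of the systemd unit,
# the body of the cron cleanup job together with the tail of the install
# function, and the head of the uninstall function. Those spans are marked
# RECONSTRUCTED below; they are inferred from the surviving text (the rc.d
# script, the configuration variables and the uninstall steps) and must be
# compared with the author's original before use.

# --- Configuration ---
LOG_DIR="/var/log/synterloper"
CAPTURE_PORT="22"
ROTATE_SECONDS="3600" # 1 hour
RETENTION_DAYS="7"
SNAP_LEN="128" # Bytes to capture per packet
INSTALL_PATH="/usr/local/sbin/synterloper"

# --- Helpers ---

# Print the given message on stderr and abort with status 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# --- Main Functions ---

# Install tcpdump, create the root-only capture directory, register the
# capture service (systemd on Linux, rc.d on FreeBSD), and add the daily
# cleanup job. Must be run as root. Sets the global OS_TYPE.
install_synterloper() {
  # Ensure script is run as root
  if [ "$(id -u)" -ne 0 ]; then
    die "Error: Installation must be run as root."
  fi

  echo "Starting SYNterloper installation..."

  # Detect OS and install dependencies
  OS_TYPE=$(uname)
  echo "OS Type detected: ${OS_TYPE}"
  if [ "${OS_TYPE}" = "Linux" ]; then
    echo "Installing dependencies (tcpdump) using apt..."
    export DEBIAN_FRONTEND=noninteractive
    apt-get update >/dev/null || die "Error: apt-get update failed."
    apt-get install -y tcpdump >/dev/null || die "Error: apt-get install failed."
  elif [ "${OS_TYPE}" = "FreeBSD" ]; then
    echo "Installing dependencies (tcpdump) using pkg..."
    pkg install -y tcpdump >/dev/null || die "Error: pkg install failed."
  else
    die "Error: Unsupported OS type '${OS_TYPE}'"
  fi
  echo "Dependency installation complete."

  # Create log directory. The capture files record who connected and when, so
  # the directory must end up root-only or the installation stops. Numeric
  # ids are used because FreeBSD has no group named "root" (gid 0 is wheel);
  # with "root:root" the chown failed there and the chmod chained behind it
  # never ran, leaving the directory with default permissions.
  echo "Creating log directory: ${LOG_DIR}"
  if ! (umask 077 && mkdir -p "${LOG_DIR}") ||
    ! chown 0:0 "${LOG_DIR}" ||
    ! chmod 700 "${LOG_DIR}"; then
    die "Error: could not create and secure ${LOG_DIR}"
  fi

  # Create the system service
  if [ "${OS_TYPE}" = "Linux" ]; then
    echo "Creating systemd service: synterloper.service"

    # RECONSTRUCTED: the unit body is not present in the recovered listing.
    # It mirrors the tcpdump invocation of the rc.d script below. "%" is
    # doubled because systemd expands %-specifiers in ExecStart (%H and %m
    # would otherwise become host name and machine id).
    # NOTE(review): some distributions build tcpdump to drop root privileges
    # before opening output files; confirm the rotated files can still be
    # written into the root-only ${LOG_DIR}.
    TCPDUMP_BIN=$(command -v tcpdump) ||
      die "Error: tcpdump not found after installation."
    cat >/etc/systemd/system/synterloper.service <<EOF
[Unit]
Description=SYNterloper connection logger
After=network.target

[Service]
ExecStart=${TCPDUMP_BIN} -i any -s ${SNAP_LEN} -w ${LOG_DIR}/capture-%%Y-%%m-%%d_%%H-%%M.pcap -G ${ROTATE_SECONDS} tcp port ${CAPTURE_PORT}
Restart=on-failure
NoNewPrivileges=yes
ProtectSystem=full
ProtectHome=yes

[Install]
WantedBy=multi-user.target
EOF
    echo "Enabling and starting synterloper service (systemd)..."
    systemctl daemon-reload
    systemctl enable synterloper.service
    systemctl start synterloper.service
  elif [ "${OS_TYPE}" = "FreeBSD" ]; then
    echo "Creating rc.d service: synterloper"

    # The heredoc delimiter is quoted, so the text is written verbatim. The
    # recovered listing also backslash-escaped every "$", which would have put
    # literal "\$" into the rc script and stopped all of its variables from
    # expanding; the escapes are dropped here. The \" pairs are kept: they
    # belong to the rc script's own double-quoted string.
    cat >/usr/local/etc/rc.d/synterloper <<'EOF'
#!/bin/sh
# PROVIDE: synterloper
# REQUIRE: NETWORKING

. /etc/rc.subr

name="synterloper"
rcvar="synterloper_enable"
load_rc_config $name

: ${synterloper_enable:="NO"}
: ${synterloper_port:="22"}
: ${synterloper_logdir:="/var/log/synterloper"}
: ${synterloper_rotate_sec:="3600"}
: ${synterloper_snaplen:="128"}

default_iface=$(route -n get default | grep 'interface:' | awk '{print $2}')
command="/usr/sbin/tcpdump"
command_args="-i ${default_iface} -s ${synterloper_snaplen} -w ${synterloper_logdir}/capture-%Y-%m-%d_%H-%M.pcap -G ${synterloper_rotate_sec} \"tcp port ${synterloper_port}\""
pidfile="/var/run/${name}.pid"
start_cmd="daemon -p ${pidfile} ${command} ${command_args}"

run_rc_command "$1"
EOF
    chmod +x /usr/local/etc/rc.d/synterloper

    echo "Enabling and starting synterloper service (rc.d)..."
    sysrc synterloper_enable=YES \
      synterloper_port="${CAPTURE_PORT}" \
      synterloper_logdir="${LOG_DIR}" \
      synterloper_rotate_sec="${ROTATE_SECONDS}" \
      synterloper_snaplen="${SNAP_LEN}"
    service synterloper start
  fi
  echo "Service configuration complete."

  # Create the log rotation cron job
  # RECONSTRUCTED: the job body is not present in the recovered listing.
  # RETENTION_DAYS is otherwise unused, so the job is assumed to delete
  # captures older than that many days.
  # NOTE(review): /etc/cron.daily is a Linux convention; confirm how the
  # original handled FreeBSD, where this directory may not exist.
  echo "Creating daily log cleanup cron job..."
  cat >/etc/cron.daily/synterloper-cleanup <<EOF
#!/bin/sh
find "${LOG_DIR}" -type f -name 'capture-*.pcap' -mtime +${RETENTION_DAYS} -delete
EOF
  chmod +x /etc/cron.daily/synterloper-cleanup

  # RECONSTRUCTED: the usage text and the uninstall step both refer to a
  # management copy at INSTALL_PATH, so the installer is assumed to copy
  # itself there.
  if [ "$0" != "${INSTALL_PATH}" ]; then
    echo "Installing management script: ${INSTALL_PATH}"
    cp -- "$0" "${INSTALL_PATH}" &&
      chown 0:0 "${INSTALL_PATH}" &&
      chmod 755 "${INSTALL_PATH}"
  fi

  echo ""
  echo "--- Installation Complete ---"
}

# Stop and unregister the capture service, then remove the cleanup job, the
# capture directory with all recorded captures, and the management script.
# Must be run as root. Sets the global OS_TYPE.
uninstall_synterloper() {
  # RECONSTRUCTED: only the tail of this root check (">&2 exit 1 fi")
  # survives in the recovered listing.
  if [ "$(id -u)" -ne 0 ]; then
    die "Error: Uninstallation must be run as root."
  fi

  echo "Starting SYNterloper uninstallation..."
  OS_TYPE=$(uname)
  if [ "${OS_TYPE}" = "Linux" ]; then
    echo "Stopping and disabling systemd service..."
    # Best effort: the unit may already be stopped or absent.
    systemctl stop synterloper.service
    systemctl disable synterloper.service
    rm -f /etc/systemd/system/synterloper.service
    systemctl daemon-reload
  elif [ "${OS_TYPE}" = "FreeBSD" ]; then
    echo "Stopping and disabling rc.d service..."
    if [ -f /usr/local/etc/rc.d/synterloper ]; then
      service synterloper stop
    fi
    sysrc -x synterloper_enable synterloper_port synterloper_logdir \
      synterloper_rotate_sec synterloper_snaplen
    rm -f /usr/local/etc/rc.d/synterloper
  fi
  echo "Service has been removed."

  echo "Removing cleanup cron job..."
  rm -f /etc/cron.daily/synterloper-cleanup

  # ${LOG_DIR:?} aborts instead of letting rm -rf run on an empty path if the
  # configuration value is ever blanked.
  echo "Removing log directory: ${LOG_DIR}"
  rm -rf -- "${LOG_DIR:?}"

  echo "Removing management script: ${INSTALL_PATH}"
  rm -f -- "${INSTALL_PATH:?}"

  echo ""
  echo "--- Uninstallation Complete ---"
}

# --- Main Execution Logic ---
case "${1:-}" in
  install | '')
    install_synterloper
    ;;
  uninstall)
    uninstall_synterloper
    ;;
  *)
    echo "Usage: $0 [install|uninstall]" >&2
    exit 1
    ;;
esac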