
#-----------------------------------------------------------------------
# DESCRIPTION
#-----------------------------------------------------------------------
#
# ARCserveIT module.
#
# This modules supports both ARCserveIT client agents, and ARCserveIT
# servers.
#
# After installing the module, the user should execute rcf with the 
# --update-config parameter. The necessary options will be added to the
# configuration file.
#
#-----------------------------------------------------------------------
# MODULE CONFIGURATION
#-----------------------------------------------------------------------
#
#m# 123
#a# accept
#i# cluster novirtual
#n# arcserve
#t# hosts
#
#   |--------------------------------------------------------------------|
#d# ARCserveIT backup servers and agents
#   |--------------------------------------------------------------------|
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------
#
module_name="arcserve"		# module name used in options
module_type="hosts"		# the module type (clients, servers, etc.)
service_name="ARCserve"		# displayed on-screen
service_ports="6050:6051"	# ports used by ARCserveIT and agents
broadcast_port="41524"		# port used for ARCserve discovery broadcasts

if [ ! "$CLUSTER_NAME" ]
then
	inchain="$INCHAIN"; outchain="$OUTCHAIN"
else
	outchain="$INCHAIN"; inchain="$OUTCHAIN"
fi

# ARCserveIT discovery service broadcasts

if [ "`Option_Value accept $INTOPT $module_name $module_type`" -a ! "$CLUSTER_NAME" ]
then
	if [ "$MODE" -ge 2 ]
	then
		echo "Accept $INTOPT $IPADDR ARCserveIT Discovery -> $BROADCAST $LOG_MSG"
		ipchains -A $outchain -j ACCEPT -p udp -s $IPADDR $broadcast_port -d $BROADCAST $broadcast_port $LOG
	fi
fi

# ARCserveIT backup service or agent service

for host in `Option_Value accept $INTOPT $module_name $module_type`
do
	echo "Accept $INTOPT $IPADDR ARCserveIT <-> $host ARCserveIT $LOG_MSG"

	ipchains -A $inchain  -j ACCEPT -p tcp      -s $host   $UNPRIVPORTS    -d $IPADDR $service_ports  $LOG
	ipchains -A $outchain -j ACCEPT -p tcp ! -y -s $IPADDR $service_ports  -d $host   $UNPRIVPORTS    $LOG
	ipchains -A $inchain  -j ACCEPT -p tcp      -s $IPADDR $UNPRIVPORTS    -d $host   $service_ports  $LOG
	ipchains -A $outchain -j ACCEPT -p tcp ! -y -s $host   $service_ports  -d $IPADDR $UNPRIVPORTS    $LOG

	ipchains -A $inchain  -j ACCEPT -p udp      -s $host   $UNPRIVPORTS    -d $IPADDR $service_ports  $LOG
	ipchains -A $outchain -j ACCEPT -p udp      -s $IPADDR $service_ports  -d $host   $UNPRIVPORTS    $LOG
	ipchains -A $inchain  -j ACCEPT -p udp      -s $IPADDR $UNPRIVPORTS    -d $host   $service_ports  $LOG
	ipchains -A $outchain -j ACCEPT -p udp      -s $host   $service_ports  -d $IPADDR $UNPRIVPORTS    $LOG

	echo "Accept $INTOPT $IPADDR ARCserveIT Discovery <-> $host ARCserveIT Discovery $LOG_MSG"

	ipchains -A $inchain  -j ACCEPT -p udp      -s $host   $UNPRIVPORTS    -d $IPADDR $broadcast_port $LOG
	[ ! "$CLUSTER_NAME" ] && \
		ipchains -A $inchain  -j ACCEPT -p udp -s $host   $UNPRIVPORTS    -d $BROADCAST $broadcast_port $LOG
	[ "$MODE" -ge 2 ] && \
		ipchains -A $outchain -j ACCEPT -p udp -s $IPADDR $broadcast_port -d $host      $broadcast_port $LOG

done

unset module_name module_type service_name service_ports broadcast_port host

