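#!/bin/bash
# Address plan and interface detection for the team firewall configuration.
# Defines the team-specific external range, detects the WAN/LAN interface and
# address, and names each host's internal address and its external counterpart.
# Nothing here installs rules; the variables are consumed elsewhere.

team_number=9
# The third octet of the external range is derived from the team number.
team_octet=$((20 + team_number))
extended_network=172.20.0.0/16
external_network="172.25.${team_octet}.0/24"

# Try to detect WAN iface, probably better ways
# Takes the device named on the first default route reported by `ip route`.
wan_iface=$(ip route | grep '^default' | grep -oP -m1 '\bdev\s+\S+' | cut -d' ' -f2)
#wan_iface=eth0
if [[ -z "$wan_iface" ]]; then
  # Detection is best-effort, so do not abort; but an empty interface name is
  # worth surfacing because anything built from it later would not refer to a
  # real interface. Set the override above if this fires.
  printf 'warning: no default route found, WAN iface is empty\n' >&2
fi
echo "WAN iface is '$wan_iface'"

# This is sloppy, assuming wan iface == lan iface (and that there is only one)
# NOTE(review): on a host with separate inside/outside interfaces this makes
# both names point at the WAN side -- set lan_iface explicitly in that case.
lan_iface=$wan_iface
#lan_iface=eth0
echo "LAN iface is '$lan_iface'"

# lan_network is the first IPv4 "address/prefix" printed for the interface,
# i.e. the host address with its prefix length rather than a normalised
# network address. lan_ip is the same address without the prefix length.
lan_network=
lan_ip=
if [[ -n "$lan_iface" ]]; then
  lan_network=$(ip addr show "$lan_iface" | grep -oP -m1 '\binet\s+\S+' | cut -d' ' -f2)
  lan_ip=$(ip addr show "$lan_iface" | grep -oP -m1 '\binet\s+[^\s/]+' | cut -d' ' -f2)
fi
#lan_network=172.20.240.0/24
#lan_ip=
if [[ -z "$lan_network" || -z "$lan_ip" ]]; then
  printf 'warning: could not read an IPv4 address from LAN iface %s\n' \
    "'$lan_iface'" >&2
fi
echo "LAN net is '$lan_network'"
echo "LAN IP is '$lan_ip'"

# Only bad_guys will be watched for bad behavior, ban checks, packet limiting, etc.
# NOTE(review): good_guys and bad_guys are currently the same range. How the
# two are ordered in the rules is not visible here; if good_guys is exempted
# before the bad_guys checks run, nothing in 10.0.0.0/8 is actually watched.
# Confirm the intended split before relying on the ban/limit logic.
bad_guys=10.0.0.0/8
#bad_guys=0.0.0.0/0
good_guys=10.0.0.0/8
echo "Good guys are '$good_guys'"
echo "Bad guys are '$bad_guys'"

echo "GO TEAM $team_number!"

dmz_prefix=172.20.240
internal_prefix=172.20.241
ext_prefix="172.25.${team_octet}"

# Each host has an internal address and an *_ext address in the team's
# external range; by convention below the last octet is shared between the two.

# dmz network
centos_ecom="${dmz_prefix}.11"
centos_ecom_ext="${ext_prefix}.11"
ubuntu_dns="${dmz_prefix}.23"
ubuntu_dns_ext="${ext_prefix}.23"

# internal network
win_2003_ftp="${internal_prefix}.9"
win_2003_ftp_ext="${ext_prefix}.9"
debian_email="${internal_prefix}.39"
debian_email_ext="${ext_prefix}.39"
win_2008_dfs="${internal_prefix}.24"
win_2008_dfs_ext="${ext_prefix}.24"
win_2008_ad="${internal_prefix}.11"
# NOTE(review): this is the same external address as centos_ecom_ext. If the
# *_ext values are used as one-to-one translation targets, two hosts cannot
# share one; confirm the intended external address for the AD host.
win_2008_ad_ext="${ext_prefix}.11"

# workstations
ubuntu_ws="${internal_prefix}.249"
ubuntu_ws_ext="${ext_prefix}.249"
win_7_ws="${internal_prefix}.245"
win_7_ws_ext="${ext_prefix}.245"
# Hard-coded: this host sits on 172.20.242.x, outside both prefixes above.
xp_pro_ws=172.20.242.142
xp_pro_ws_ext="${ext_prefix}.142"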