#!/bin/sh

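# Work from the OpenVPNEnabler scripts directory: the scratch file pf.tmp is
# created relative to it. Abort if the directory is missing, so the scratch
# file is never written into whatever directory the caller happened to be in.
cd /usr/local/cutedge/openvpn/scripts || exit 1

# Turn on IPv4 forwarding if it is currently off. This changes the running
# kernel value and makes the host route packets between interfaces, so the
# pf rules loaded later are what limits the forwarded traffic.
# POSIX test uses "=" for string comparison ("==" is not portable under
# /bin/sh); the quotes keep the test valid if sysctl prints nothing.
if [ "$(sysctl -n net.inet.ip.forwarding)" = 0 ]; then
    sysctl -w net.inet.ip.forwarding=1
    #sysctl -w net.inet.ip.fw.enable=1
fi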

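# Rebuild /etc/pf.conf with the OpenVPNEnabler anchor block re-inserted.
# The new config is assembled and syntax-checked in a scratch file first, so
# a failed read or a broken rule set never replaces the live /etc/pf.conf.
# NOTE(review): pf.tmp and pf.new are created in the current directory;
# this assumes that directory is writable by root only. Confirm.

# Step 1: copy the current config minus any block left by a previous run,
# which keeps repeated runs from stacking duplicate blocks.
if ! sed '/^###Start OpenVPNEnabler###/,/^###End OpenVPNEnabler###/d' /etc/pf.conf > pf.tmp; then
    echo "OpenVPNEnabler: cannot read /etc/pf.conf; leaving it unchanged" >&2
    exit 1
fi

# The anchor block is only emitted after a line starting with "nat-anchor".
# If none exists the config is written back without the OpenVPN anchor.
if ! grep -q '^nat-anchor' pf.tmp; then
    echo "OpenVPNEnabler: no nat-anchor line in /etc/pf.conf; anchor block not inserted" >&2
fi

# Step 2: echo every line and append the anchor block after each line that
# starts with "nat-anchor".
if ! awk '
{ print }
/^nat-anchor/ {
    print "###Start OpenVPNEnabler###"
    print "nat-anchor \"com.cutedgesystems.openvpn\""
    print "load anchor \"com.cutedgesystems.openvpn\" from \"/usr/local/cutedge/openvpn/scripts/pfrules\""
    print "###End OpenVPNEnabler###"
}
' pf.tmp > pf.new; then
    echo "OpenVPNEnabler: failed to build new pf.conf; leaving /etc/pf.conf unchanged" >&2
    rm -f pf.new
    exit 1
fi

# Step 3: parse-only check (-n loads nothing) before touching the live file.
if ! pfctl -n -f pf.new; then
    echo "OpenVPNEnabler: new pf.conf failed validation; leaving /etc/pf.conf unchanged" >&2
    rm -f pf.new
    exit 1
fi

# Step 4: overwrite in place via redirection so /etc/pf.conf keeps its
# existing owner and mode.
cat pf.new > /etc/pf.conf || exit 1
rm -f pf.new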


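# Reload pf with the rewritten configuration.
# The sequence below disables pf and flushes everything before loading the
# new rules, so a config that fails to parse would leave the host with the
# packet filter off and empty. Check the file first (-n parses without
# loading) and keep the running rule set if it is not valid.
if ! pfctl -n -f /etc/pf.conf; then
    echo "OpenVPNEnabler: /etc/pf.conf does not parse; pf left as it was" >&2
    exit 1
fi

# pfctl -d exits non-zero when pf is already disabled, so its status is
# deliberately not checked.
pfctl -d
sleep 1
# "-F all" also clears the state table, so established connections tracked
# by pf are dropped here.
pfctl -F all
sleep 1
# Load the rules and re-enable pf; report loudly if this fails, because at
# this point the previous rules are already gone.
if ! pfctl -f /etc/pf.conf -e; then
    echo "OpenVPNEnabler: failed to load /etc/pf.conf; pf may be disabled with no rules" >&2
    exit 1
fi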
