#!/bin/bash
# session_down.sh
username=$(echo "$username" | tr -dc 'a-zA-Z0-9-' )
case "${#username}" in
    128|127|126) hash=$username ;; # is a hash already (some routers cut off the last one or two bytes, so accounting for that)
    23) hash=$(echo -n "$username" | openssl sha512 | awk '{print $NF}') ;; # they didn't hash the token, so do it for them
    *) exit 1 ;; # not the length of a token or a token hash, so reject
esac

# decrease session counter token
result=`timeout 8 wget -4 -qO- -T8 "https://[redacted]?token=${hash}&action=down"`

instance_pool_dir=/tmp/pool

if [[ -n $ifconfig_pool_remote_ip ]]; then
 rm -vf $instance_pool_dir/$ifconfig_pool_remote_ip 2>&1
 # remove any port fwds for client
 sudo /usr/local/sbin/portfwd del $ifconfig_pool_remote_ip
 # and any http://10.31.33.7/changemyip entries
 sudo /usr/local/sbin/changeip $ifconfig_pool_remote_ip
 # and all conntrack entries
 sudo /usr/local/sbin/connmarkrm $ifconfig_pool_remote_ip &
fi

# do the same, but for IPv6
if [[ -n $ifconfig_pool_remote_ip6 ]]; then
 ifconfig_pool_remote_ip6="${ifconfig_pool_remote_ip6//:0:/::}"
 rm -vf $instance_pool_dir/$ifconfig_pool_remote_ip6 2>&1
 sudo /usr/local/sbin/portfwd del $ifconfig_pool_remote_ip6
 sudo /usr/local/sbin/changeip $ifconfig_pool_remote_ip6
 sudo /usr/local/sbin/connmarkrm $ifconfig_pool_remote_ip6 &
fi