# XDP Defense - Unified XDP Blocker + DDoS Defense
# Build, install, and manage the integrated XDP defense system

PROJ_DIR := /opt/xdp-defense
BPF_DIR := $(PROJ_DIR)/bpf
LIB_DIR := $(PROJ_DIR)/lib
BIN_DIR := $(PROJ_DIR)/bin
CFG_DIR := $(PROJ_DIR)/config

INSTALL_BIN := /usr/local/bin
SYSTEMD_DIR := /etc/systemd/system
ETC_DIR := /etc/xdp-defense
DATA_DIR := /var/lib/xdp-defense
BLOCKER_CFG := /etc/xdp-defense

CLANG ?= clang
CLANG_FLAGS := -O2 -g -Wall -target bpf \
               -I/usr/include -I/usr/include/bpf -I/usr/include/xdp

BPF_OBJECTS := $(BPF_DIR)/xdp_cdn_filter.o $(BPF_DIR)/xdp_blocker.o $(BPF_DIR)/xdp_ddos.o

.PHONY: all build install uninstall enable disable clean check-deps status

all: build

build: $(BPF_OBJECTS)

$(BPF_DIR)/xdp_blocker.o: $(BPF_DIR)/xdp_blocker.c
	$(CLANG) $(CLANG_FLAGS) -c $< -o $@

$(BPF_DIR)/xdp_ddos.o: $(BPF_DIR)/xdp_ddos.c
	$(CLANG) $(CLANG_FLAGS) -c $< -o $@

install: build
	@echo "Installing XDP Defense..."
	# Directories
	install -d $(ETC_DIR)
	install -d $(DATA_DIR)
	install -d $(BLOCKER_CFG)/countries
	install -d $(BLOCKER_CFG)/whitelist
	# CLI
	install -m 755 $(BIN_DIR)/xdp-defense $(INSTALL_BIN)/xdp-defense
	ln -sf $(INSTALL_BIN)/xdp-defense $(INSTALL_BIN)/xdp-block
	# Startup script
	install -m 755 $(BIN_DIR)/xdp-startup.sh $(INSTALL_BIN)/xdp-startup
	# Python libraries
	install -m 644 $(LIB_DIR)/xdp_common.py $(INSTALL_BIN)/xdp_common.py
	install -m 755 $(LIB_DIR)/xdp_country.py $(INSTALL_BIN)/xdp-country
	install -m 755 $(LIB_DIR)/xdp_whitelist.py $(INSTALL_BIN)/xdp-whitelist
	install -m 755 $(LIB_DIR)/xdp_defense_daemon.py $(INSTALL_BIN)/xdp-defense-daemon
	# Config (don't overwrite existing)
	test -f $(ETC_DIR)/config.yaml || install -m 644 $(CFG_DIR)/config.yaml $(ETC_DIR)/config.yaml
	# Systemd service
	install -m 644 $(CFG_DIR)/xdp-defense.service $(SYSTEMD_DIR)/xdp-defense.service
	systemctl daemon-reload
	@echo ""
	@echo "Installed successfully."
	@echo "  CLI:     $(INSTALL_BIN)/xdp-defense"
	@echo "  Compat:  $(INSTALL_BIN)/xdp-block -> xdp-defense"
	@echo "  Config:  $(ETC_DIR)/config.yaml"
	@echo ""
	@echo "Run 'make enable' to enable on boot."

uninstall:
	@echo "Uninstalling XDP Defense..."
	systemctl stop xdp-defense 2>/dev/null || true
	systemctl disable xdp-defense 2>/dev/null || true
	rm -f $(INSTALL_BIN)/xdp-defense
	rm -f $(INSTALL_BIN)/xdp-block
	rm -f $(INSTALL_BIN)/xdp-startup
	rm -f $(INSTALL_BIN)/xdp_common.py
	rm -f $(INSTALL_BIN)/xdp-country
	rm -f $(INSTALL_BIN)/xdp-whitelist
	rm -f $(INSTALL_BIN)/xdp-defense-daemon
	rm -f $(SYSTEMD_DIR)/xdp-defense.service
	systemctl daemon-reload
	@echo "Uninstalled. Config preserved in $(ETC_DIR)"

enable:
	systemctl enable xdp-defense
	@echo "XDP Defense will start on boot"

disable:
	systemctl disable xdp-defense
	@echo "XDP Defense will not start on boot"

status:
	@systemctl status xdp-defense 2>/dev/null || echo "Service not installed"

clean:
	rm -f $(BPF_DIR)/*.o

check-deps:
	@echo "Checking dependencies..."
	@which clang >/dev/null 2>&1 || (echo "ERROR: clang not found" && exit 1)
	@which bpftool >/dev/null 2>&1 || (echo "ERROR: bpftool not found" && exit 1)
	@which ip >/dev/null 2>&1 || (echo "ERROR: iproute2 not found" && exit 1)
	@which python3 >/dev/null 2>&1 || (echo "ERROR: python3 not found" && exit 1)
	@which xdp-loader >/dev/null 2>&1 || (echo "ERROR: xdp-loader not found (libxdp)" && exit 1)
	@python3 -c "import yaml" 2>/dev/null || (echo "ERROR: python3-yaml not found" && exit 1)
	@test -f /usr/include/xdp/xdp_helpers.h || (echo "ERROR: xdp_helpers.h not found" && exit 1)
	@echo "All dependencies satisfied"

$(BPF_DIR)/xdp_cdn_filter.o: $(BPF_DIR)/xdp_cdn_filter.c
	$(CLANG) $(CLANG_FLAGS) -c $< -o $@