# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2

{
  writeShellApplication,
  postgresql,
}:
writeShellApplication {
  name = "nat-request-daddr";
  runtimeInputs = [ postgresql ];
  text = ''
    TARGET_TIMESTAMP=$2
    TARGET_PREFIX=$1
    psql -d ulogd -U ulogd -c "
      select
        vlan_id,
        reply_ip_daddr_str as used_ip,
        reply_l4_dport as used_port,
        orig_ip_daddr_str as daddr,
        orig_l4_dport as dport,
        flow_start_sec, flow_end_sec
      from ulog2_ct
      join vlan_prefixes on ulog2_ct.orig_ip_saddr_str <<= vlan_prefixes.prefix
        where
        -- if we don't have conn start, we considered it started before the target time
        ( flow_start_sec IS NULL or flow_start_sec <= $TARGET_TIMESTAMP )
        and
        -- similar for conn end
        ( flow_end_sec IS NULL or flow_end_sec >= $TARGET_TIMESTAMP )
        and
        orig_ip_daddr_str <<= inet '$TARGET_PREFIX'
      ;"
  '';
}