/**
 * Interfaces for NfTablesProxy
 */

/**
 * Represents a port range for forwarding
 */
export interface PortRange {
  from: number;
  to: number;
}

// Legacy interface name for backward compatibility
export type IPortRange = PortRange;

/**
 * Settings for NfTablesProxy.
 */
export interface NfTableProxyOptions {
  // Basic settings
  fromPort: number | PortRange | Array<number | PortRange>; // Support single port, port range, or multiple ports/ranges
  toPort: number | PortRange | Array<number | PortRange>;
  toHost?: string; // Target host for proxying; defaults to 'localhost'
  
  // Advanced settings
  preserveSourceIP?: boolean; // If true, the original source IP is preserved
  deleteOnExit?: boolean;     // If true, clean up rules before process exit
  protocol?: 'tcp' | 'udp' | 'all'; // Protocol to forward, defaults to 'tcp'
  enableLogging?: boolean;    // Enable detailed logging
  ipv6Support?: boolean;      // Enable IPv6 support
  logFormat?: 'plain' | 'json'; // Format for logs
  
  // Source filtering
  allowedSourceIPs?: string[]; // If provided, only these IPs are allowed
  bannedSourceIPs?: string[];  // If provided, these IPs are blocked
  useIPSets?: boolean;        // Use nftables sets for efficient IP management
  
  // Rule management
  forceCleanSlate?: boolean;   // Clear all NfTablesProxy rules before starting
  tableName?: string;          // Custom table name (defaults to 'portproxy')
  
  // Connection management
  maxRetries?: number;        // Maximum number of retries for failed commands
  retryDelayMs?: number;      // Delay between retries in milliseconds
  useAdvancedNAT?: boolean;   // Use connection tracking for stateful NAT
  
  // Quality of Service
  qos?: {
    enabled: boolean;
    maxRate?: string;         // e.g. "10mbps"
    priority?: number;        // 1 (highest) to 10 (lowest)
    markConnections?: boolean; // Mark connections for easier management
  };
  
  // Integration with PortProxy/NetworkProxy
  netProxyIntegration?: {
    enabled: boolean;
    redirectLocalhost?: boolean; // Redirect localhost traffic to NetworkProxy
    sslTerminationPort?: number; // Port where NetworkProxy handles SSL termination
  };
}

// Legacy interface name for backward compatibility
export type INfTableProxySettings = NfTableProxyOptions;

/**
 * Interface for status reporting
 */
export interface NfTablesStatus {
  active: boolean;
  ruleCount: {
    total: number;
    added: number;
    verified: number;
  };
  tablesConfigured: { family: string; tableName: string }[];
  metrics: {
    forwardedConnections?: number;
    activeConnections?: number;
    bytesForwarded?: {
      sent: number;
      received: number;
    };
  };
  qosEnabled?: boolean;
  ipSetsConfigured?: {
    name: string;
    elementCount: number;
    type: string;
  }[];
}

// Legacy interface name for backward compatibility
export type INfTablesStatus = NfTablesStatus;