#!/bin/bash
#
# Synex Control - Network Management Module
# src/modules/synex-control-net
#

# Source common library
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${SCRIPT_DIR}/../lib/common.sh"

# Check root privileges
check_root "$@"

# Detect network manager
NETWORK_MANAGER=""
if systemctl is-active --quiet NetworkManager; then
    NETWORK_MANAGER="NetworkManager"
elif systemctl is-active --quiet systemd-networkd; then
    NETWORK_MANAGER="systemd-networkd"
elif systemctl is-active --quiet networking; then
    NETWORK_MANAGER="ifupdown"
else
    NETWORK_MANAGER="unknown"
fi

# ============================================================================
# LANGUAGE STRINGS - SPANISH
# ============================================================================

declare -A NET_ES=(
    [menu_title]="Gestión de Red"
    [menu_option_1]="1. Ver configuración de red"
    [menu_option_2]="2. Cambiar hostname"
    [menu_option_3]="3. Gestionar DNS"
    [menu_option_4]="4. Gestionar gateway"
    [menu_option_5]="5. Gestionar interfaces"
    [menu_option_6]="6. Reiniciar servicio de red"
    [menu_option_0]="0. Volver al menú principal"
    [select_option]="Selecciona una opción"
    [invalid_option]="Opción inválida"
    [current_hostname]="Hostname actual"
    [new_hostname]="Nuevo hostname"
    [hostname_changed]="Hostname cambiado exitosamente"
    [hostname_error]="Error al cambiar hostname"
    [invalid_hostname]="Hostname inválido"
    [current_dns]="DNS actual"
    [new_dns]="Nuevo DNS (separados por comas)"
    [dns_changed]="DNS cambiado exitosamente"
    [dns_error]="Error al cambiar DNS"
    [current_gateway]="Gateway actual"
    [new_gateway]="Nuevo gateway"
    [gateway_changed]="Gateway cambiado exitosamente"
    [gateway_error]="Error al cambiar gateway"
    [invalid_ip]="Dirección IP inválida"
    [interfaces_list]="=== Lista de Interfaces de Red ==="
    [interface_name]="Interfaz"
    [interface_ip]="IP/Máscara"
    [interface_status]="Estado"
    [interface_mac]="MAC"
    [no_interfaces]="No se encontraron interfaces"
    [select_interface]="Selecciona una interfaz"
    [interface_config]="Configuración de interfaz"
    [interface_method]="Método (dhcp/static)"
    [set_static_ip]="Configurar IP estática"
    [set_dhcp]="Configurar DHCP"
    [interface_configured]="Interfaz configurada exitosamente"
    [interface_error]="Error al configurar interfaz"
    [net_restarted]="Servicio de red reiniciado"
    [net_restart_error]="Error al reiniciar servicio de red"
    [connectivity_check]="Verificando conectividad..."
    [online]="En línea"
    [offline]="Desconectado"
    [operation_cancelled]="Operación cancelada"
    [network_manager]="Gestor de red"
    [confirm_change]="¿Deseas aplicar estos cambios?"
)

# ============================================================================
# LANGUAGE STRINGS - ENGLISH
# ============================================================================

declare -A NET_EN=(
    [menu_title]="Network Management"
    [menu_option_1]="1. View network configuration"
    [menu_option_2]="2. Change hostname"
    [menu_option_3]="3. Manage DNS"
    [menu_option_4]="4. Manage gateway"
    [menu_option_5]="5. Manage interfaces"
    [menu_option_6]="6. Restart network service"
    [menu_option_0]="0. Return to main menu"
    [select_option]="Select an option"
    [invalid_option]="Invalid option"
    [current_hostname]="Current hostname"
    [new_hostname]="New hostname"
    [hostname_changed]="Hostname changed successfully"
    [hostname_error]="Error changing hostname"
    [invalid_hostname]="Invalid hostname"
    [current_dns]="Current DNS"
    [new_dns]="New DNS (comma separated)"
    [dns_changed]="DNS changed successfully"
    [dns_error]="Error changing DNS"
    [current_gateway]="Current gateway"
    [new_gateway]="New gateway"
    [gateway_changed]="Gateway changed successfully"
    [gateway_error]="Error changing gateway"
    [invalid_ip]="Invalid IP address"
    [interfaces_list]="=== Network Interfaces List ==="
    [interface_name]="Interface"
    [interface_ip]="IP/Netmask"
    [interface_status]="Status"
    [interface_mac]="MAC"
    [no_interfaces]="No interfaces found"
    [select_interface]="Select an interface"
    [interface_config]="Interface configuration"
    [interface_method]="Method (dhcp/static)"
    [set_static_ip]="Set static IP"
    [set_dhcp]="Set DHCP"
    [interface_configured]="Interface configured successfully"
    [interface_error]="Error configuring interface"
    [net_restarted]="Network service restarted"
    [net_restart_error]="Error restarting network service"
    [connectivity_check]="Checking connectivity..."
    [online]="Online"
    [offline]="Offline"
    [operation_cancelled]="Operation cancelled"
    [network_manager]="Network manager"
    [confirm_change]="Do you want to apply these changes?"
)

# ============================================================================
# MESSAGE FUNCTION (NET SPECIFIC)
# ============================================================================

net_msg() {
    local key="$1"

    if [ "$LANG_CHOICE" = "es" ]; then
        echo "${NET_ES[$key]:-$key}"
    else
        echo "${NET_EN[$key]:-$key}"
    fi
}

# ============================================================================
# VIEW CONFIGURATION
# ============================================================================

view_config() {
    local content=""

    content+="$(net_msg menu_option_1)\n\n"

    # Show hostname
    content+="=== $(net_msg current_hostname) ===\n"
    content+="$(hostname)\n\n"

    # Show network manager
    content+="=== $(net_msg network_manager) ===\n"
    content+="$NETWORK_MANAGER\n\n"

    # Show interfaces
    content+="$(net_msg interfaces_list)\n\n"
    content+="$(ip addr show | grep -E "^[0-9]+:|inet " | sed 's/^[0-9]*: /  Interface: /' | sed 's/inet /    IP: /')\n\n"

    # Show DNS
    content+="=== $(net_msg current_dns) ===\n"
    if [ -f /etc/resolv.conf ]; then
        content+="$(grep "nameserver" /etc/resolv.conf | sed 's/nameserver /  /')\n"
    else
        content+="  No DNS configured\n"
    fi
    content+="\n"

    # Show gateway
    content+="=== $(net_msg current_gateway) ===\n"
    content+="$(ip route | grep default | sed 's/default via /  /')\n\n"

    # Check connectivity
    content+="=== $(net_msg connectivity_check) ===\n"
    if ping -c 1 8.8.8.8 &>/dev/null; then
        content+="${GREEN}[$(net_msg online)]${NC}\n"
    else
        content+="${YELLOW}[$(net_msg offline)]${NC}\n"
    fi

    show_with_pager "$content"
}

# ============================================================================
# CHANGE HOSTNAME
# ============================================================================

change_hostname() {
    show_header
    print_info "$(net_msg menu_option_2)"
    echo ""

    local current_host
    local new_host

    current_host=$(hostname)
    print_info "$(net_msg current_hostname): $current_host"
    echo ""

    read -p "$(net_msg new_hostname): " new_host

    if ! validate_hostname "$new_host"; then
        pause_execution
        return
    fi

    if hostnamectl set-hostname "$new_host"; then
        # Also update /etc/hosts if using ifupdown
        if [ "$NETWORK_MANAGER" = "ifupdown" ]; then
            sed -i "s/$current_host/$new_host/g" /etc/hosts 2>/dev/null || true
        fi

        print_success "$(net_msg hostname_changed)"
        log_message "INFO" "Hostname changed from $current_host to $new_host"
    else
        print_error "$(net_msg hostname_error)"
        log_message "ERROR" "Failed to change hostname to $new_host"
    fi

    pause_execution
}

# ============================================================================
# MANAGE DNS
# ============================================================================

manage_dns() {
    show_header
    print_info "$(net_msg menu_option_3)"
    echo ""

    print_info "$(net_msg current_dns):"
    if [ -f /etc/resolv.conf ]; then
        grep "nameserver" /etc/resolv.conf | sed 's/nameserver /  /'
    else
        echo "  No DNS configured"
    fi
    echo ""

    read -p "$(net_msg new_dns): " new_dns

    # ENTER en blanco => no cambia nada
    if [ -z "$new_dns" ]; then
        print_info "$(net_msg operation_cancelled)"
        pause_execution
        return
    fi

    local STATE_DIR="/etc/synex-control"
    local DNS_CONF="$STATE_DIR/dns.conf"
    local IFUP_HOOK="/etc/network/if-up.d/synex-control-dns"
    local DHCPCD_EXIT_HOOK="/etc/dhcpcd.exit-hook"

    mkdir -p "$STATE_DIR" 2>/dev/null || true
    mkdir -p /etc/network/if-up.d 2>/dev/null || true

    # ---------------------------------------------------------------------
    # Hook synex-control-dns (idempotente)
    # Políticas:
    # - DHCP + dns.conf vacío  => resolv.conf = gateway detectado
    # - DHCP + dns.conf con DNS => resolv.conf = SOLO dns.conf (sin gateway)
    # - STATIC + dns.conf vacío => resolv.conf sin nameserver (sin resolver)
    # - STATIC + dns.conf con DNS => resolv.conf = SOLO dns.conf
    # ---------------------------------------------------------------------
    cat > "$IFUP_HOOK" <<'EOF'
#!/bin/sh
STATE_DIR="/etc/synex-control"
CONF_FILE="$STATE_DIR/dns.conf"
RESOLV="/etc/resolv.conf"

iface="${IFACE:-$1}"
[ -z "$iface" ] && exit 0
[ "$iface" = "lo" ] && exit 0

cfg1="/etc/network/interfaces.d/$iface"
cfg2="/etc/network/interfaces"

detect_method() {
  i="$1"; f="$2"
  [ -f "$f" ] || return 1
  if grep -Eq "^[[:space:]]*iface[[:space:]]+$i[[:space:]]+inet[[:space:]]+static" "$f"; then
    echo "static"; return 0
  fi
  if grep -Eq "^[[:space:]]*iface[[:space:]]+$i[[:space:]]+inet[[:space:]]+dhcp" "$f"; then
    echo "dhcp"; return 0
  fi
  return 1
}

method="$(detect_method "$iface" "$cfg1" 2>/dev/null || true)"
[ -z "$method" ] && method="$(detect_method "$iface" "$cfg2" 2>/dev/null || true)"
[ -z "$method" ] && method="dhcp"

manual=""
[ -f "$CONF_FILE" ] && manual="$(cat "$CONF_FILE" 2>/dev/null | xargs)"

list=""

if [ "$method" = "dhcp" ]; then
  if [ -n "$manual" ]; then
    list="$manual"
  else
    gw="$(ip route show default dev "$iface" 2>/dev/null | awk 'NR==1{print $3}')"
    [ -z "$gw" ] && gw="$(ip route 2>/dev/null | awk '$1=="default"{print $3;exit}')"
    list="$gw"
  fi
else
  # static
  if [ -n "$manual" ]; then
    list="$manual"
  else
    list=""
  fi
fi

{
  echo "# Generated by synex-control"
  if [ -n "$list" ]; then
    for ip in $list; do
      echo "nameserver $ip"
    done
  fi
} > "$RESOLV"

exit 0
EOF
    chmod 0755 "$IFUP_HOOK" 2>/dev/null || true

    # dhcpcd exit-hook (si existe dhcpcd)
    if command -v dhcpcd >/dev/null 2>&1; then
        if [ ! -f "$DHCPCD_EXIT_HOOK" ]; then
            cat > "$DHCPCD_EXIT_HOOK" <<'EOF'
#!/bin/sh
# dhcpcd exit hook - extended by synex-control
EOF
            chmod 0755 "$DHCPCD_EXIT_HOOK" 2>/dev/null || true
        fi

        if ! grep -q "synex-control-dns" "$DHCPCD_EXIT_HOOK" 2>/dev/null; then
            cat >> "$DHCPCD_EXIT_HOOK" <<'EOF'

# synex-control-dns
if [ -x /etc/network/if-up.d/synex-control-dns ]; then
  IFACE="$interface" /etc/network/if-up.d/synex-control-dns >/dev/null 2>&1 || true
fi
EOF
        fi
    fi

    # ---------------------------------------------------------------------
    # Reemplazar COMPLETO dns.conf con lo ingresado (máximo 3, únicos)
    # ---------------------------------------------------------------------
    local -a new_list
    local dns
    IFS=',' read -ra new_list <<< "$new_dns"

    local replaced=""
    local count=0

    for dns in "${new_list[@]}"; do
        dns="$(echo "$dns" | xargs)"
        [ -z "$dns" ] && continue

        if ! validate_ip "$dns"; then
            print_error "$(net_msg invalid_ip): $dns"
            pause_execution
            return
        fi

        # unique
        case " $replaced " in
            *" $dns "*) continue ;;
        esac

        replaced="${replaced}${replaced:+ }$dns"
        count=$((count + 1))
        [ "$count" -ge 3 ] && break
    done

    if [ -z "$replaced" ]; then
        print_info "$(net_msg operation_cancelled)"
        pause_execution
        return
    fi

    echo "$replaced" > "$DNS_CONF"

    # Aplicar ya sobre la interfaz por default route
    local apply_iface
    apply_iface="$(ip route show default 2>/dev/null | awk '{print $5; exit}')"
    if [ -z "$apply_iface" ]; then
        apply_iface="$(ip link show | awk -F': ' '/^[0-9]+: /{print $2}' | grep -v '^lo$' | head -n1)"
    fi

    if [ -n "$apply_iface" ] && [ -x "$IFUP_HOOK" ]; then
        IFACE="$apply_iface" "$IFUP_HOOK" >/dev/null 2>&1 || true
    fi

    print_success "$(net_msg dns_changed)"
    log_message "INFO" "DNS replaced via synex-control: $replaced"

    pause_execution
}

# ============================================================================
# MANAGE GATEWAY (FIXED v10 - SIMPLER APPROACH)
# ============================================================================

manage_gateway() {
    show_header
    print_info "$(net_msg menu_option_4)"
    echo ""

    # Show current gateway (get only the IP)
    print_info "$(net_msg current_gateway):"
    local current_gateway=$(ip route | grep "^default via" | awk '{print $3}' | head -1)

    if [ -n "$current_gateway" ]; then
        echo "  $current_gateway"
    else
        echo "  No default gateway configured"
    fi
    echo ""

    read -p "$(net_msg new_gateway): " new_gateway

    if [ -z "$new_gateway" ]; then
        print_info "$(net_msg operation_cancelled)"
        pause_execution
        return
    fi

    if ! validate_ip "$new_gateway"; then
        pause_execution
        return
    fi

    # If new gateway is the same as current, do nothing
    if [ "$new_gateway" = "$current_gateway" ]; then
        print_info "New gateway is the same as current. No changes needed."
        pause_execution
        return
    fi

    # Get the primary network interface
    local interface=$(ip link show | grep -E "^[0-9]+:" | grep "UP" | grep -v "lo:" | awk -F': ' '{print $2}' | head -1)

    if [ -z "$interface" ]; then
        print_error "Could not detect network interface"
        log_message "ERROR" "Failed to detect network interface"
        pause_execution
        return
    fi

    print_info "Using interface: $interface"

    # Get the IP address of the interface
    local interface_ip=$(ip addr show "$interface" | grep "inet " | awk '{print $2}' | cut -d/ -f1)

    if [ -z "$interface_ip" ]; then
        print_error "Could not detect interface IP address"
        log_message "ERROR" "Failed to detect interface IP for $interface"
        pause_execution
        return
    fi

    print_info "Interface IP: $interface_ip"

    # Extract the subnet (first 3 octets)
    local subnet=$(echo "$interface_ip" | cut -d. -f1-3).0/24

    # Check if subnet route exists, if not add it
    if ! ip route show | grep -q "$subnet"; then
        print_info "Adding subnet route: $subnet"
        if ip route add "$subnet" dev "$interface" scope link 2>/dev/null; then
            print_success "Subnet route added"
            sleep 1
        fi
    fi

    # Remove old default routes first
    if [ -n "$current_gateway" ]; then
        ip route del default via "$current_gateway" 2>/dev/null || true
    fi

    # Clean up any malformed routes
    ip route | grep -v "^default via" | grep "^[0-9].*dev $interface" | while read -r route; do
        # Only delete if it's not a subnet route
        if ! echo "$route" | grep -q "scope link"; then
            ip route del $route 2>/dev/null || true
        fi
    done

    sleep 1

    # Try to add the new gateway
    if ip route add default via "$new_gateway" 2>/dev/null; then
        print_success "$(net_msg gateway_changed)"
        print_warning "Please restart network service to make changes persistent"
        log_message "INFO" "Gateway changed from $current_gateway to $new_gateway via $interface"
    else
        print_error "$(net_msg gateway_error)"
        print_warning "Gateway not changed. Current gateway remains: $current_gateway"
        log_message "ERROR" "Failed to add new gateway $new_gateway via $interface"
    fi

    pause_execution
}

# ============================================================================
# MANAGE INTERFACES (ifupdown specific)
# ============================================================================

manage_interfaces() {
    show_header
    print_info "$(net_msg menu_option_5)"
    echo ""

    if [ "$NETWORK_MANAGER" != "ifupdown" ]; then
        print_warning "Advanced interface management is only available with ifupdown"
        echo ""
        echo "Current manager: $NETWORK_MANAGER"
        pause_execution
        return
    fi

    local STATE_DIR="/etc/synex-control"
    local DNS_CONF="$STATE_DIR/dns.conf"
    local IFUP_HOOK="/etc/network/if-up.d/synex-control-dns"
    local DHCPCD_EXIT_HOOK="/etc/dhcpcd.exit-hook"

    mkdir -p "$STATE_DIR" 2>/dev/null || true
    mkdir -p /etc/network/interfaces.d 2>/dev/null || true
    mkdir -p /etc/network/if-up.d 2>/dev/null || true

    # ---------------------------------------------------------------------
    # Hook synex-control-dns (idempotente) - mismo que en manage_dns()
    # ---------------------------------------------------------------------
    cat > "$IFUP_HOOK" <<'EOF'
#!/bin/sh
STATE_DIR="/etc/synex-control"
CONF_FILE="$STATE_DIR/dns.conf"
RESOLV="/etc/resolv.conf"

iface="${IFACE:-$1}"
[ -z "$iface" ] && exit 0
[ "$iface" = "lo" ] && exit 0

cfg1="/etc/network/interfaces.d/$iface"
cfg2="/etc/network/interfaces"

detect_method() {
  i="$1"; f="$2"
  [ -f "$f" ] || return 1
  if grep -Eq "^[[:space:]]*iface[[:space:]]+$i[[:space:]]+inet[[:space:]]+static" "$f"; then
    echo "static"; return 0
  fi
  if grep -Eq "^[[:space:]]*iface[[:space:]]+$i[[:space:]]+inet[[:space:]]+dhcp" "$f"; then
    echo "dhcp"; return 0
  fi
  return 1
}

method="$(detect_method "$iface" "$cfg1" 2>/dev/null || true)"
[ -z "$method" ] && method="$(detect_method "$iface" "$cfg2" 2>/dev/null || true)"
[ -z "$method" ] && method="dhcp"

manual=""
[ -f "$CONF_FILE" ] && manual="$(cat "$CONF_FILE" 2>/dev/null | xargs)"

list=""

if [ "$method" = "dhcp" ]; then
  if [ -n "$manual" ]; then
    list="$manual"
  else
    gw="$(ip route show default dev "$iface" 2>/dev/null | awk 'NR==1{print $3}')"
    [ -z "$gw" ] && gw="$(ip route 2>/dev/null | awk '$1=="default"{print $3;exit}')"
    list="$gw"
  fi
else
  # static
  if [ -n "$manual" ]; then
    list="$manual"
  else
    list=""
  fi
fi

{
  echo "# Generated by synex-control"
  if [ -n "$list" ]; then
    for ip in $list; do
      echo "nameserver $ip"
    done
  fi
} > "$RESOLV"

exit 0
EOF
    chmod 0755 "$IFUP_HOOK" 2>/dev/null || true

    # dhcpcd exit-hook (si existe dhcpcd)
    if command -v dhcpcd >/dev/null 2>&1; then
        if [ ! -f "$DHCPCD_EXIT_HOOK" ]; then
            cat > "$DHCPCD_EXIT_HOOK" <<'EOF'
#!/bin/sh
# dhcpcd exit hook - extended by synex-control
EOF
            chmod 0755 "$DHCPCD_EXIT_HOOK" 2>/dev/null || true
        fi

        if ! grep -q "synex-control-dns" "$DHCPCD_EXIT_HOOK" 2>/dev/null; then
            cat >> "$DHCPCD_EXIT_HOOK" <<'EOF'

# synex-control-dns
if [ -x /etc/network/if-up.d/synex-control-dns ]; then
  IFACE="$interface" /etc/network/if-up.d/synex-control-dns >/dev/null 2>&1 || true
fi
EOF
        fi
    fi

    # List interfaces
    print_info "$(net_msg interfaces_list)"
    echo ""

    local -a interfaces
    local count=1
    while IFS= read -r iface; do
        [ -z "$iface" ] && continue
        interfaces+=("$iface")
        echo "$count. $iface"
        ((count++))
    done < <(ip link show | grep "^[0-9]" | awk -F': ' '{print $2}' | grep -v "^lo$")

    if [ ${#interfaces[@]} -eq 0 ]; then
        print_error "$(net_msg no_interfaces)"
        pause_execution
        return
    fi

    echo ""
    read -p "$(net_msg select_interface) (1-${#interfaces[@]}): " iface_choice

    if ! [[ "$iface_choice" =~ ^[0-9]+$ ]] || [ "$iface_choice" -lt 1 ] || [ "$iface_choice" -gt ${#interfaces[@]} ]; then
        print_error "$(net_msg invalid_option)"
        pause_execution
        return
    fi

    local selected_iface="${interfaces[$((iface_choice-1))]}"

    show_header
    print_info "$(net_msg interface_config): $selected_iface"
    echo ""
    echo "1. DHCP"
    echo "2. Static IP"
    echo "0. Cancel"
    echo ""
    read_menu_option "$(net_msg select_option): "
    local method_choice="$MENU_INPUT"

    [[ "$method_choice" == "ESC" || "$method_choice" == "0" ]] && return

    case "$method_choice" in
        1)
            {
                echo "auto $selected_iface"
                echo "iface $selected_iface inet dhcp"
            } > "/etc/network/interfaces.d/$selected_iface"

            if grep -q "^[^#]*iface $selected_iface" /etc/network/interfaces 2>/dev/null; then
                print_info "Removing duplicate config from /etc/network/interfaces..."
                sed -i "/^allow-hotplug $selected_iface/s/^/# /" /etc/network/interfaces
                sed -i "/^auto $selected_iface/s/^/# /" /etc/network/interfaces
                sed -i "/^iface $selected_iface/s/^/# /" /etc/network/interfaces
            fi

            print_info "Applying configuration..."
            ifdown "$selected_iface" 2>/dev/null || true
            sleep 1
            ifup "$selected_iface" 2>/dev/null || true

            # En DHCP: si dns.conf vacío => gateway; si no => manual (sin gateway)
            IFACE="$selected_iface" "$IFUP_HOOK" >/dev/null 2>&1 || true

            print_success "$(net_msg interface_configured)"
            log_message "INFO" "Interface $selected_iface configured for DHCP"
            ;;

        2)
            read -p "IP Address (with netmask, e.g., 192.168.1.100/24): " ip_addr
            read -p "Gateway: " gateway
            read -p "DNS (space separated, max 3 - ENTER vacío = sin DNS): " dns_servers

            if ! validate_ip "${ip_addr%/*}"; then
                print_error "$(net_msg invalid_ip)"
                pause_execution
                return
            fi

            if [ -n "$gateway" ] && ! validate_ip "$gateway"; then
                print_error "$(net_msg invalid_ip): $gateway"
                pause_execution
                return
            fi

            # Si el usuario deja DNS vacío en STATIC => dns.conf vacío (sin resolver)
            if [ -z "$dns_servers" ]; then
                : > "$DNS_CONF"
            else
                local dns
                local replaced=""
                local c=0

                for dns in $dns_servers; do
                    if ! validate_ip "$dns"; then
                        print_error "$(net_msg invalid_ip): $dns"
                        pause_execution
                        return
                    fi

                    case " $replaced " in
                        *" $dns "*) continue ;;
                    esac

                    replaced="${replaced}${replaced:+ }$dns"
                    c=$((c + 1))
                    [ "$c" -ge 3 ] && break
                done

                echo "$replaced" > "$DNS_CONF"
            fi

            {
                echo "auto $selected_iface"
                echo "iface $selected_iface inet static"
                echo "    address $ip_addr"
                [ -n "$gateway" ] && echo "    gateway $gateway"
                # esto queda solo informativo (no depende de resolvconf)
                [ -n "$dns_servers" ] && echo "    dns-nameservers $dns_servers"
            } > "/etc/network/interfaces.d/$selected_iface"

            if grep -q "^[^#]*iface $selected_iface" /etc/network/interfaces 2>/dev/null; then
                print_info "Removing duplicate config from /etc/network/interfaces..."
                sed -i "/^allow-hotplug $selected_iface/s/^/# /" /etc/network/interfaces
                sed -i "/^auto $selected_iface/s/^/# /" /etc/network/interfaces
                sed -i "/^iface $selected_iface/s/^/# /" /etc/network/interfaces
            fi

            print_info "Applying configuration..."
            ifdown "$selected_iface" 2>/dev/null || true
            sleep 1
            ifup "$selected_iface" 2>/dev/null || true

            # En STATIC: si dns.conf vacío => sin resolver; si no => manual (sin gateway)
            IFACE="$selected_iface" "$IFUP_HOOK" >/dev/null 2>&1 || true

            print_success "$(net_msg interface_configured)"
            log_message "INFO" "Interface $selected_iface configured with static IP: $ip_addr"
            ;;

        0)
            print_info "$(net_msg operation_cancelled)"
            ;;

        *)
            print_error "$(net_msg invalid_option)"
            ;;
    esac

    pause_execution
}

# ============================================================================
# RESTART NETWORK SERVICE
# ============================================================================

restart_network() {
    show_header
    print_info "$(net_msg menu_option_6)"
    echo ""

    if ask_yes_no "$(net_msg confirm_change)"; then
        echo ""
        print_info "Restarting network service..."
        echo ""

        case "$NETWORK_MANAGER" in
            NetworkManager)
                systemctl restart NetworkManager
                ;;
            systemd-networkd)
                systemctl restart systemd-networkd
                ;;
            ifupdown)
                systemctl restart networking
                ;;
            *)
                print_error "Unknown network manager"
                pause_execution
                return
                ;;
        esac

        sleep 2

        if ping -c 1 8.8.8.8 &>/dev/null; then
            print_success "$(net_msg net_restarted)"
            log_message "INFO" "Network service restarted successfully"
        else
            print_warning "Network restarted but connectivity check failed"
            log_message "WARNING" "Network restarted but no internet connection detected"
        fi
    else
        print_info "$(net_msg operation_cancelled)"
    fi

    pause_execution
}

# ============================================================================
# MAIN MENU
# ============================================================================

main_menu() {
    # Set breadcrumb for network module
    if [ "$LANG_CHOICE" = "es" ]; then
        breadcrumb_set "Synex Control" "Red"
    else
        breadcrumb_set "Synex Control" "Network"
    fi

    while true; do
        show_header
        print_info "$(net_msg menu_title)"
        echo ""
        echo "$(net_msg menu_option_1)"
        echo "$(net_msg menu_option_2)"
        echo "$(net_msg menu_option_3)"
        echo "$(net_msg menu_option_4)"
        echo "$(net_msg menu_option_5)"
        echo "$(net_msg menu_option_6)"
        echo "$(net_msg menu_option_0)"
        echo ""

        read_menu_option "$(net_msg select_option): "
        local option="$MENU_INPUT"

        [[ "$option" == "ESC" || "$option" == "0" ]] && {
            print_success "$(net_msg operation_cancelled)"
            return
        }

        case "$option" in
            1)
                view_config
                ;;
            2)
                change_hostname
                ;;
            3)
                manage_dns
                ;;
            4)
                manage_gateway
                ;;
            5)
                manage_interfaces
                ;;
            6)
                restart_network
                ;;
            *)
                print_error "$(net_msg invalid_option)"
                pause_execution
                ;;
        esac
    done
}

# ============================================================================
# MAIN EXECUTION
# ============================================================================

main_menu
