#!/bin/sh

set -e

case "${1}" in
	install)

cat > /etc/modprobe.d/CVE-2026-43284.conf << EOF
# /etc/modprobe.d/CVE-2026-43284.conf

# Name: Dirty Frag (Part 1) / Copy Fail 2
# URL:  https://github.com/V4bel/dirtyfrag
# URL:  https://github.com/0xdeadbeefnetwork/Copy_Fail2-Electric_Boogaloo

blacklist esp4
install esp4 /bin/false

blacklist esp6
install esp6 /bin/false

blacklist xfrm_user
install xfrm_user /bin/false

blacklist xfrm_algo
install xfrm_algo /bin/false
EOF

		rmmod esp4 > /dev/null 2>&1 || true
		rmmod esp6 > /dev/null 2>&1 || true

		rmmod xfrm_user 2>&1 || true
		rmmod xfrm_algo 2>&1 || true

		echo 3 > /proc/sys/vm/drop_caches
		;;

	remove)
		rm -f /etc/modprobe.d/CVE-2026-43284.conf
		;;
esac
