Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #! /bin/bash
- function log() {
- echo "$@"
- "$@"
- }
- bridge="br0"
- tap="$1"
- net="$(echo "${tap}" | sed -re 's:[^0-9]+::g')"
- case "$0" in
- *.ifup.sh)
- action="up"
- ;;
- *.ifdown.sh)
- action="down"
- ;;
- esac
- if [ "${action}" = "up" ]
- then
- log ifconfig "${tap}" "10.0.${net}.1" up netmask 255.255.255.0
- if [ "$(cat /proc/sys/net/ipv4/ip_forward)" != "1" ]
- then
- echo "echo 1 > /proc/sys/net/ipv4/ip_forward"
- echo 1 > /proc/sys/net/ipv4/ip_forward
- fi
- fi
- iptables -L -v | awk '
- BEGIN {
- n = 0
- }
- /^Chain FORWARD/,/^$/ {
- if (match($0, /^ /)) {
- n ++
- if ($6 == "'$tap'" || $7 == "'$tap'") {
- print n
- }
- }
- }
- ' | tac | while read num
- do
- log iptables -D FORWARD "${num}"
- done
- iptables -t nat -L -v | awk '
- BEGIN {
- n = 0
- }
- /^Chain POSTROUTING/,/^$/ {
- if (match($0, /^ /)) {
- n ++
- if ($3 == "MASQUERADE" && $7 == "'$bridge'") {
- print n
- }
- }
- }
- ' | tac | while read num
- do
- log iptables -t nat -D POSTROUTING "${num}"
- done
- if [ "${action}" = "up" ]
- then
- log iptables -t nat -A POSTROUTING -o "${bridge}" -j MASQUERADE
- log iptables -I FORWARD 1 -i "${tap}" -j ACCEPT
- log iptables -I FORWARD 1 -o "${tap}" -m state --state RELATED,ESTABLISHED -j ACCEPT
- else
- log ifconfig "${tap}" down
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
