#!/bin/bash
#
# Copyright 2012 - Jean-Sebastien Morisset - http://surniaulula.com/
#
# This script is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 3 of the License, or (at your option) any later
# version.
#
# This script is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details at http://www.gnu.org/licenses/.
#
# Purpose: (re)build the policy-routing setup of this host from the
# configuration section below. For every address found on every interface
# the script looks up the network in NetInfo, generates the matching
# "ip rule"/"ip route"/"sysctl" command lines, and then executes them.
#
# Usage: run as root. The only recognised option is "-t" (dry run): the
# generated commands are printed but /etc/iproute2/rt_tables is not
# rewritten and nothing is eval'd. Unknown arguments are skipped.
#
# Requires: the "ip" (iproute2) and "ipcalc" binaries, and a kernel with
# policy routing ("ip rule list" must show the default "from all lookup
# main" rule); these are verified by CheckDeps before anything is changed.
#
# NOTE(review): this copy of the script was damaged during extraction. The
# text between "cat <" in RouteNet and the "/dev/stderr exit 1 elif" that
# now follows it is missing (the heredoc that emits the ip rule/route
# commands, the end of RouteNet, the ShowTables definition and the
# CheckDeps header). ShowTables is therefore called below but not defined
# in what is visible. The lines are kept as found and are not runnable.
#
# --- START OF CONFIGURATION SECTION ---

# routing tables to declare in /etc/iproute2/rt_tables:
# array index = table id, value = table name (written as "id name").
# the file is truncated and rewritten from this array on every run, so any
# table not listed here is dropped from it.
rt_tables[100]="intern"
rt_tables[200]="prov_1"
rt_tables[300]="prov_2"

# NetInfo NETWORK/PREFIX
# Prints "gateway metric table prio fwd" for a known network, nothing for
# an unknown one. The five fields become arguments 4-8 of RouteNet; a
# network with no entry here yields only 3 arguments, so RouteNet returns
# without generating anything for it (see the argument-count check there).
# fwd is the value written to net.ipv4.conf.<dev>.forwarding (1 on the
# provider-facing networks, 0 on the internal ones).
NetInfo () {
    # ------------------------------gateway---------metric--table---prio----fwd'ing
    case "$1" in
        17.10.20.0/23) echo 17.10.20.1 100 prov_1 5000 1 ;;
        84.70.129.64/28) echo 84.70.129.65 100 prov_2 4000 1 ;;
        105.104.78.152/29) echo 105.104.78.153 100 prov_2 3000 1 ;;
        105.104.72.16/28) echo 105.104.72.17 100 prov_2 2000 1 ;;
        192.168.0.0/24) echo 192.168.0.1 100 intern 1100 0 ;;
        10.201.50.0/24) echo 10.201.50.1 200 intern 1200 0 ;;
    esac
}

# --- END OF CONFIGURATION SECTION ---

# RouteNet DEV IP NET/MASK GATEWAY METRIC TABLE PRIO FWD
# Does not change the system itself: it echoes command lines to stdout.
# The caller collects that output, sorts it and eval's each line, which is
# why the sysctl below is echoed rather than executed.
RouteNet () {
    # return if we don't have all 8 arguments
    # (NetInfo prints nothing for an unlisted network, which lands here)
    [ "${#@}" != 8 ] && return
    # name the arguments to keep things clear
    dev="$1"
    ip="$2"
    net_mask="$3"
    gw="$4"
    metric="$5"
    table="$6"
    prio="$7"
    fwd="$8"
    echo sysctl -w net.ipv4.conf.$dev.forwarding=$fwd
    # one pass emits the "del" commands, the second the "add" commands
    for action in del add
    do
        # NOTE(review): extraction hole starts here - the heredoc body, the
        # end of RouteNet, ShowTables and the CheckDeps header are missing.
        # What remains is the tail of CheckDeps: dependency checks that
        # write to stderr and exit 1 on failure.
        cat </dev/stderr exit 1 elif [ -z "`which ipcalc`" ]
    then
        echo "\"ipcalc\" binary not found!" >/dev/stderr
        exit 1
    # the stock "from all lookup main" rule is taken as proof that the
    # kernel/iproute2 support policy routing
    elif [ -z "`ip rule list|grep 'from all lookup main'`" ]
    then
        echo "kernel does not appear to support policy routing" >/dev/stderr
        exit 1
    fi
}

# parse the command line, skipping stuff we don't know, until there's nothing left
# "-t" sets no_change (dry run); "continue 2" restarts the outer loop after
# each shift so one argument is consumed per pass, "break" ends it when "$@"
# is empty.
while :
do
    for arg in "$@"
    do
        case $arg in
            -t) no_change="1"; shift 1;;
            *) shift 1 ;;
        esac
        continue 2
    done
    break
done

# abort early if ipcalc or policy routing is unavailable
CheckDeps

echo ""
# rewrite /etc/iproute2/rt_tables from the rt_tables array (skipped with -t);
# this is the first change made to the system
[ -z "$no_change" ] && \
    cat /dev/null > /etc/iproute2/rt_tables
for rt in "${!rt_tables[@]}"
do
    echo "adding routing table: $rt ${rt_tables[$rt]}"
    [ -z "$no_change" ] && \
        echo "$rt ${rt_tables[$rt]}" >> /etc/iproute2/rt_tables
done

# interface names taken from the "N: name: ..." lines of "ip addr show"
interfaces="`ip addr show | sed -n 's/^[0-9][0-9]*: \([^:]*\): .*$/\1/p'`"

# reset the command-line arguments with the interface names
# (unquoted on purpose: word-splitting turns the list into one argument each)
set -- $interfaces

ShowTables "BEFORE"

echo "EXEC RULES AND ROUTES"
# the group below only prints command lines; they are executed by the
# "while read" loop after the pipe
{
    for dev in "$@"
    do
        # every IPv4 "inet a.b.c.d/len" entry of the interface
        for ip_mask in `ip addr show $dev | sed -n 's/^\s*inet \([0-9\.\/]*\) .*$/\1/p'`
        do
            ip=${ip_mask%/*}
            mask=${ip_mask#*/}
            # NOTE(review): the two error checks below only report to stderr,
            # the loop still goes on to call RouteNet for this address
            [ -z "$ip" -o -z "$mask" ] && echo "error reading \"ip addr show $dev\" info" >/dev/stderr
            # a /32 is its own network; otherwise ask ipcalc. "[=:]" plus the
            # GNU sed "i" flag accept either "Network:" or "NETWORK=" output.
            [ "$mask" -eq "32" ] && net="$ip" || \
                net="`ipcalc -n $ip/$mask|sed -n 's/^network[=:][[:space:]]*\([0-9\.]*\).*$/\1/ip'`"
            [ -z "$net" ] && echo "error reading \"ipcalc -n $ip/$mask\" output" >/dev/stderr
            # NetInfo expands to "gateway metric table prio fwd", or to
            # nothing for an unconfigured network
            RouteNet $dev $ip $net/$mask `NetInfo $net/$mask`
        done
    done
    # remove possible duplicate default routes etc from multiple ips on same network
    # sort reverse to exec the deletes first, then the adds
    # ("del" sorts after "add", so -r puts the del lines first)
} | sort -u -r | while read line
do
    echo "$line"
    # the command text comes from this script's own echo output, built from
    # "ip addr show" and "ipcalc" results; failures are discarded, so the
    # "AFTER" listing is the only confirmation that a command took effect
    [ -z "$no_change" ] && \
        eval $line >/dev/null 2>&1
done

ShowTables "AFTER"

# make the new rules/routes effective for existing cached lookups
ip route flush cache

# show the resulting per-interface forwarding flags
echo "FORWARDING"
sysctl -a 2>/dev/null | grep '^net\.ipv4\..*\.forwarding'
echo ""