Diffstat (limited to 'contrib/netjail/netjail_start.sh')
-rwxr-xr-xcontrib/netjail/netjail_start.sh92
1 files changed, 0 insertions, 92 deletions
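diff --git a/contrib/netjail/netjail_start.sh b/contrib/netjail/netjail_start.sh
deleted file mode 100755
index e2d5fd634..000000000
--- a/contrib/netjail/netjail_start.sh
+++ /dev/null
@@ -1,92 +0,0 @@
-#!/bin/bash
-. "$(dirname $0)/netjail_core.sh"
-. "$(dirname $0)/topo.sh"
-
-set -eu
-set -x
-
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-
-filename=$1
-PREFIX=$2
-readfile=$3
-
-BROADCAST=0
-
-if [ $readfile -eq 0 ]
-then
- read_topology_string "$filename"
-else
- echo read file
- read_topology $filename
-fi
-
-shift 2
-
-LOCAL_GROUP="192.168.15"
-GLOBAL_GROUP="92.68.150"
-KNOWN_GROUP="92.68.151"
-
-if [ $BROADCAST -eq 0 ]; then
- PORT="60002"
-else
- PORT="2086"
-fi
-
-echo "Start [local: $LOCAL_GROUP.0/24, global: $GLOBAL_GROUP.0/16]"
-
-netjail_bridge
-NETWORK_NET=$RESULT
-
-for X in $(seq $KNOWN); do
- netjail_node
- KNOWN_NODES[$X]=$RESULT
- netjail_node_link_bridge ${KNOWN_NODES[$X]} $NETWORK_NET "$KNOWN_GROUP.$X" 16
- KNOWN_LINKS[$X]=$RESULT
-done
-
-declare -A NODES
-declare -A NODE_LINKS
-
-for N in $(seq $GLOBAL_N); do
- netjail_node
- ROUTERS[$N]=$RESULT
- netjail_node_link_bridge ${ROUTERS[$N]} $NETWORK_NET "$GLOBAL_GROUP.$N" 16
- NETWORK_LINKS[$N]=$RESULT
- netjail_bridge
- ROUTER_NETS[$N]=$RESULT
-
- for M in $(seq $LOCAL_M); do
- netjail_node
- NODES[$N,$M]=$RESULT
- netjail_node_link_bridge ${NODES[$N,$M]} ${ROUTER_NETS[$N]} "$LOCAL_GROUP.$M" 24
- NODE_LINKS[$N,$M]=$RESULT
- done
-
- ROUTER_ADDR="$LOCAL_GROUP.$(($LOCAL_M+1))"
- netjail_node_link_bridge ${ROUTERS[$N]} ${ROUTER_NETS[$N]} $ROUTER_ADDR 24
- ROUTER_LINKS[$N]=$RESULT
-
- netjail_node_add_nat ${ROUTERS[$N]} $ROUTER_ADDR 24
-
- for M in $(seq $LOCAL_M); do
- netjail_node_add_default ${NODES[$N,$M]} $ROUTER_ADDR
- done
-
- # TODO Topology configuration must be enhanced to configure forwarding to more than one subnet node via different ports.
-
- if [ "1" == "${R_TCP[$N]}" ]
- then
- #ip netns exec ${ROUTERS[$N]} nft add rule ip nat prerouting ip daddr $GLOBAL_GROUP.$N tcp dport 60002 counter dnat to $LOCAL_GROUP.1
- #ip netns exec ${ROUTERS[$N]} nft add rule ip filter FORWARD ip daddr $LOCAL_GROUP.1 ct state new,related,established counter accept
- ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p tcp -d $GLOBAL_GROUP.$N --dport 60002 -j DNAT --to $LOCAL_GROUP.1
- ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
- fi
- if [ "1" == "${R_UDP[$N]}" ]
- then
- #ip netns exec ${ROUTERS[$N]} nft add rule ip nat prerouting ip daddr $GLOBAL_GROUP.$N udp dport $PORT counter dnat to $LOCAL_GROUP.1
- #ip netns exec ${ROUTERS[$N]} nft add rule ip filter FORWARD ip daddr $LOCAL_GROUP.1 ct state new,related,established counter accept
- ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p udp -d $GLOBAL_GROUP.$N --dport $PORT -j DNAT --to $LOCAL_GROUP.1
- ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
- fi
-done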