forked from cesanta/mongoose
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsetup_ga_network.sh
More file actions
executable file
·74 lines (66 loc) · 2.35 KB
/
Copy pathsetup_ga_network.sh
File metadata and controls
executable file
·74 lines (66 loc) · 2.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/bin/sh
BRIDGE=mg_bridge0
BRIDGE_BROADCAST=192.168.32.255
BRIDGE_IP=192.168.32.1
BRIDGE_IP_MASK=192.168.32.0/24
BRIDGE_MASK=255.255.255.0
PHY=eth0
TAP=tap0
# see our network configuration
echo "Network configuration:"
timeout 1s ifconfig
timeout 1s sudo route -n # see our gateway
timeout 1s bridge link
timeout 1s bridge fdb
echo
# Package installation
echo "Package installation"
sudo apt-get -y install isc-dhcp-server net-tools
# sudo apt-get -y install build-essential sshpassecho "Network configuration script: Bridge"
echo
echo "Network configuration script: TAP"
sudo ip link add $BRIDGE type bridge # Create brige
sudo ifconfig $BRIDGE $BRIDGE_IP netmask $BRIDGE_MASK up
echo
echo "Create $TAP attached to $BRIDGE"
sudo ip tuntap add dev $TAP mode tap # Create tuntap
sudo ip link set $TAP master $BRIDGE # Link tap-bridge
sudo ip link set $TAP up
echo
echo "Network configuration script: NAT"
sudo iptables -A FORWARD -d $BRIDGE_IP_MASK -o $BRIDGE -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -s $BRIDGE_IP_MASK -i $BRIDGE -j ACCEPT
sudo iptables -A FORWARD -i $BRIDGE -o $BRIDGE -j ACCEPT
sudo iptables -A FORWARD -o $BRIDGE -j REJECT --reject-with icmp-port-unreachable
sudo iptables -A FORWARD -i $BRIDGE -j REJECT --reject-with icmp-port-unreachable
sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK -d 224.0.0.0/24 -j RETURN
sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK -d 255.255.255.255/32 -j RETURN
sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK ! -d $BRIDGE_IP_MASK -p tcp -j MASQUERADE --to-ports 1024-65535
sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK ! -d $BRIDGE_IP_MASK -p udp -j MASQUERADE --to-ports 1024-65535
sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK ! -d $BRIDGE_IP_MASK -j MASQUERADE
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
echo
# Setup DHCP server
echo "Network configuration script: DHCP server"
echo "Serving from $BRIDGE_IP"
export HOST_IP = $BRIDGE_IP
echo "dhcpd.conf:"
cat test/dhcpd.conf
echo
sudo cp test/dhcpd.conf /etc/dhcp/dhcpd.conf
sudo chmod a+w /var/lib/dhcp/*
sudo dhcpd mg_bridge0 &
echo
# Do we have connectivity ?
echo "Check connectivity:"
wget https://cesanta.com/robots.txt
echo robots.txt:
cat robots.txt
rm robots.txt
echo
# Confirm OK
echo "Done:"
timeout 1s ifconfig
timeout 1s sudo route -n
timeout 1s bridge fdb
timeout 1s bridge link