Improve forward script and add Linux IP forwarding support

2024-09-11 22:17:44 +03:00 · 2011-05-23 12:06:32 +02:00 · 2011-05-23 12:06:32 +02:00 · 6268386efc
commit 6268386efc
parent 99c1fb9694
1 changed files with 44 additions and 44 deletions
--- a/forward.sh
+++ b/forward.sh
@ -1,6 +1,21 @@
 #!/bin/sh
 # Simple script to enable / disable IP forwarding

+case "${OSTYPE}" in
+    darwin*)
+        WAN_IF="en0"
+        LAN_IF=""
+        ;;
+    linux*)
+        WAN_IF="eth0"
+        LAN_IF="eth1"
+        ;;
+    *)
+        WAN_IF=""
+        LAN_IF=""
+        ;;
+esac
+
 # Show usage information
 usage()
 {
@ -9,57 +24,30 @@ usage()
 $NAME [options] <on|off>
  Enable or disable IP forwarding
    -h            Print this help message
-    -i INTERFACE  WAN interface name
+    -i INTERFACE  WAN interface name (default: ${WAN_IF})
+    -j INTERFACE  LAN interface name (default: ${LAN_IF})
 EOT
 }

-INTERFACE=""
-ENABLE=0
+if [ -z "${WAN_IF}" ]; then
+    echo "Unknown WAN interface" >&2
+    exit 1
+fi

-# Parse the command line and update configuration
-while [ $# -ge 0 ]; do
-    case "$1" in
-      -h)
-        usage
-        exit 0
-        ;;
-      -i)
-        shift
-        INTERFACE=$1
-        ;;
-      -*)
-        usage
-        echo "Unsupported option: $1"
-        exit 1
-        ;;
-      on)
-        ENABLE=1
-        ;;
-      off)
-        ENABLE=0
-        ;;
-      '')
-        break
-        ;;
-      *)
-        usage
-        echo "Unsupported command: $1"
-        exit 1
-        ;;
-    esac
-    shift
-done
+if [ ${UID} -ne 0 ];
+    echo "Superuser privileges are required" >&2
+    exit 1
+fi
+
+ENABLE=0

 case "${OSTYPE}" in
    darwin*)
-        if [ -z "${INTERFACE}" ]; then
-            INTERFACE="en0"
-        fi
        if [ ${ENABLE} -eq 1 ]; then
-            echo "Enabling IP forwarding through interface $INTERFACE"
+            echo "Enabling IP forwarding through interface ${WAN_IF}"
            sysctl -w net.inet.ip.forwarding=1
-            natd -interface ${INTERFACE}
-            ipfw add divert natd ip from any to any via ${INTERFACE}
+            natd -interface ${WAN_IF}
+            ipfw add divert natd ip from any to any via ${WAN_IF}
        else
            echo "Disabling IP forwarding"
            ipfw delete `sudo ipfw show | grep divert | cut -d' ' -f1`
@ -68,8 +56,20 @@ case "${OSTYPE}" in
        fi
        ;;
    linux*)
-        echo "Forward mode for Linux is not supported yet" >&2
-        exit 1
+        if [ -z "${LAN_IF}" ]; then
+            echo "Unknown LAN interface" >&2
+            exit 1
+        fi
+        if [ ${ENABLE} -eq 1 ]; then
+            echo "Enabling IP forwarding through interface $WAN_IF"
+            iptables --table nat --append POSTROUTING \
+                --out-interface ${WAN_IF} -j MASQUERADE
+            iptables --append FORWARD --in-interface ${LAN_IF} -j ACCEPT
+            echo 1 > /proc/sys/net/ipv4/ip_forward
+        else
+            echo "Disabling IP forwarding"
+            echo 0 > /proc/sys/net/ipv4/ip_forward
+        fi
        ;;
    *)
        echo "Forward mode for OS '${OSTYPE}' is not supported yet" >&2