projects / rrq / hourglass.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
fixes; first version
[rrq/hourglass.git] / setup.sh
1 #!/bin/bash
2 #
3 # This is a control script to start and stop the network activity
4 # listening.
5
6 CONF="hourglass.conf"
7 function getcfg() {
8     awk -v K="$1" '$1==K {print;exit;}' $CONF |
9         sed 's/^[^=]*=\s*//;s/\s*$//'
10 }
11 NET="$(getcfg listener.net)"
12 TAP="$(getcfg listener.tap)"
13 SET="$(getcfg ipset.table)"
14 CMD="${1-start}"
15
16 cat <<EOF
17 NET=$NET:
18 TAP=$TAP:
19 SET=$SET:
20 EOF
21
22 cd $(dirname $0)
23
24 RULE=( ! -o $TAP -j TEE --gateway $NET.2 --oif $TAP )
25 case "$CMD" in
26     start)
27         # start the blocking rule
28         if iptables-save | grep -qs "match-set $SET" ; then
29             : # all fine
30         else
31             if ipset list $SET >& /dev/null ; then
32                 : # The set exists
33             else
34                 ipset create $SET hash:net
35             fi
36             iptables -A FORWARD -m set --match-set $SET src -j DROP
37         fi
38         # Start the traffic listener
39         if ifconfig $TAP >& /dev/null ; then
40             echo "Already started"
41         else
42             date >> /tmp/hourglass-listener.log
43             ./hourglass listener >> /tmp/hourglass-listener.log 2>&1 &
44             while sleep 1 ; do
45                 ifconfig $TAP >& /dev/null && break
46                 echo $TAP not up yet >&2
47             done
48             ifconfig $TAP $NET.1 up
49             iptables -t mangle -A FORWARD ${RULE[@]}
50         fi
51         ;;
52     stop)
53         if ifconfig $TAP >& /dev/null ; then
54             pkill -2 -f "hourglass listener"
55         else
56             echo "Already stopped"
57         fi
58         ipset flush $SET
59         iptables -t mangle -D FORWARD ${RULE[@]}
60         ;;
61     *)
62         echo "Unknown: $CMD"
63         ;;
64 esac
parental network access scheduling for linux router