3 # This is a control script to start and stop the network activity
# Config lookup pipeline; presumably the body of getcfg(), whose header and
# closing brace are not part of this excerpt. awk prints the first line of
# $CONF whose first whitespace-separated field equals the key in $1, then
# stops; sed strips everything up to the first "=" and any surrounding
# whitespace, leaving just the value.
# NOTE(review): $CONF is unquoted, so a path containing spaces or glob
# characters would be split or expanded; "$CONF" is the safer form.
# NOTE(review): \s in sed is a GNU extension; [[:space:]] is the portable form.
8 awk -v K="$1" '$1==K {print;exit;}' $CONF |
9 sed 's/^[^=]*=\s*//;s/\s*$//'
# Settings read from the config file through getcfg:
#   NET - address prefix; ".1" and ".2" are appended to it further down
#         (presumably the first three octets of an IPv4 /24 - confirm)
#   TAP - name of the interface the listener creates
#   SET - name of the ipset used by the blocking rule
# NOTE(review): these values are used unquoted and unvalidated in iptables,
# ipset and ifconfig command lines. A value containing whitespace would be
# split into extra arguments, so the config file should be writable only by
# the account that runs this script, and the values are worth checking against
# a strict pattern (interface name, set name, dotted prefix) before use.
11 NET="$(getcfg listener.net)"
12 TAP="$(getcfg listener.tap)"
13 SET="$(getcfg ipset.table)"
# iptables match/target arguments shared by the -A (start) and -D (stop)
# calls: for packets not leaving through $TAP, TEE a copy to gateway $NET.2
# via $TAP. Building the arguments once keeps add and delete identical.
# NOTE(review): quote the expansions ("$TAP", "$NET.2") so each stays a single word.
24 RULE=( ! -o $TAP -j TEE --gateway $NET.2 --oif $TAP )
27 # start the blocking rule
# The else/fi lines of the two conditionals below are not part of this excerpt.
# First test: does the saved ruleset already contain a rule referencing $SET?
# NOTE(review): grep treats "match-set $SET" as an unanchored regex, so a set
# whose name is a prefix of another set's name (or contains regex
# metacharacters) can produce a false "already present"; `grep -F` with a
# trailing space in the pattern would be stricter - confirm against
# iptables-save output.
28 if iptables-save | grep -qs "match-set $SET" ; then
# Second test: does the ipset itself already exist? Output is discarded; only
# the exit status is used.
31 if ipset list $SET >& /dev/null ; then
# Create the set as hash:net, i.e. its members are network prefixes.
34 ipset create $SET hash:net
# Drop every forwarded packet whose source address is a member of $SET.
# NOTE(review): -A appends, so any earlier ACCEPT rule in FORWARD takes
# precedence over this DROP; verify the rule's position after start.
36 iptables -A FORWARD -m set --match-set $SET src -j DROP
38 # Start the traffic listener
# The presence of the $TAP interface is used as the "listener is running" test.
39 if ifconfig $TAP >& /dev/null ; then
40 echo "Already started"
# Timestamp the log, then launch the listener in the background with stdout
# and stderr appended to the same file.
# NOTE(review): the log path is a fixed name in world-writable /tmp, and this
# script presumably runs as root (it calls iptables/ipset). A local user can
# pre-create that path, including as a symlink to another file, so the appends
# may land somewhere unintended. A root-owned directory such as /var/log, or a
# directory created with restrictive permissions, avoids this.
42 date >> /tmp/hourglass-listener.log
# NOTE(review): ./hourglass is resolved against the current working directory,
# so what runs depends on where the script is invoked from; an absolute path
# (or cd to the script's own directory first) makes this deterministic.
43 ./hourglass listener >> /tmp/hourglass-listener.log 2>&1 &
# Wait for the listener to create $TAP; the enclosing loop header and any
# sleep/retry limit are not part of this excerpt.
45 ifconfig $TAP >& /dev/null && break
46 echo $TAP not up yet >&2
# Give the interface the address $NET.1 and bring it up.
48 ifconfig $TAP $NET.1 up
# Install the TEE rule in the mangle table's FORWARD chain.
# NOTE(review): "${RULE[@]}" (quoted) preserves each array element as one
# argument; the unquoted form re-splits and glob-expands them.
49 iptables -t mangle -A FORWARD ${RULE[@]}
# Stop path: the listener is considered running if $TAP exists. The else/fi
# lines are not part of this excerpt.
53 if ifconfig $TAP >& /dev/null ; then
# Send signal 2 (SIGINT) to every process whose full command line matches
# "hourglass listener".
# NOTE(review): -f matches against the whole command line of all processes,
# so unrelated processes that merely mention that string (an editor, a tail on
# the log, another user's copy) are signalled too. Recording the PID at start
# ($! after the background launch) and signalling only that PID is more precise.
54 pkill -2 -f "hourglass listener"
56 echo "Already stopped"
# Remove the TEE rule added on start; the arguments must match the -A call
# exactly, which is why both use the RULE array.
# NOTE(review): no removal of the FORWARD DROP rule or the ipset is visible in
# this excerpt - confirm whether they are intentionally left in place on stop.
59 iptables -t mangle -D FORWARD ${RULE[@]}