# This is a control script to start and stop the network activity
# listening.
-CMD=${1-start}
-NET=192.168.249
-TAP=hourglass0
-SET=TIMO
+CONF="hourglass.conf"
+function getcfg() {
+ awk -v K="$1" '$1==K {print;exit;}' $CONF |
+ sed 's/^[^=]*=\s*//;s/\s*$//'
+}
+NET="$(getcfg listener.net)"
+TAP="$(getcfg listener.tap)"
+SET="$(getcfg ipset.table)"
+CMD="${1-start}"
+
+cat <<EOF
+NET=$NET:
+TAP=$TAP:
+SET=$SET:
+EOF
cd $(dirname $0)
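Review bot: `getcfg` reads `hourglass.conf` relative to the caller's working directory, because the three `getcfg` calls run before the `cd $(dirname $0)` that follows them. When the script is started from elsewhere, the lookups come back empty (or are taken from whatever `hourglass.conf` sits in that directory), and the resulting `$SET`, `$TAP` and `$NET` are then used unquoted in the `ipset`, `iptables` and `ifconfig` commands further down the script. Anchoring the path and failing early would close this: `CONF="$(dirname "$0")/hourglass.conf"` and, after the three assignments, `: "${NET:?}" "${TAP:?}" "${SET:?}"`. `$CONF` should also be quoted inside `getcfg`. Separately, awk's `$1==K` only matches when whitespace separates the key from `=`, while the `sed` expression also accepts `key=value`; the config format is not visible here, so confirm which form is intended.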
else
ipset create $SET hash:net
fi
- iptables -A FORWARD -p tcp --dport 53 -j ACCEPT
- iptables -A FORWARD -p udp --dport 53 -j ACCEPT
iptables -A FORWARD -m set --match-set $SET src -j DROP
fi
# Start the traffic listener
echo "Already started"
else
date >> /tmp/hourglass-listener.log
- newlisp listener.lsp >> /tmp/hourglass-listener.log 2>&1 &
+ ./hourglass listener >> /tmp/hourglass-listener.log 2>&1 &
while sleep 1 ; do
ifconfig $TAP >& /dev/null && break
- echo $TAP not up yet
+ echo $TAP not up yet >&2
done
ifconfig $TAP $NET.1 up
- iptables -t mangle -A FORWARD -p tcp --dport 53 -j RETURN
- iptables -t mangle -A FORWARD -p udp --dport 53 -j RETURN
iptables -t mangle -A FORWARD ${RULE[@]}
fi
;;
stop)
- iptables -t mangle -F FORWARD
if ifconfig $TAP >& /dev/null ; then
- pkill -2 -f listener.lsp
+ pkill -2 -f "hourglass listener"
else
echo "Already stopped"
fi
ipset flush $SET
+ iptables -t mangle -D FORWARD ${RULE[@]}
;;
*)
echo "Unknown: $CMD"
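Review bot: The added `iptables -t mangle -D FORWARD ${RULE[@]}` in the `stop)` branch sits after the `fi`, so it also runs on the "Already stopped" path, where `-D` reports an error if no matching rule exists. It also removes only one copy, so a rule that `start` appended more than once would leave a stale mangle entry behind. Quoting the array and looping until nothing matches covers both: `while iptables -t mangle -D FORWARD "${RULE[@]}" 2>/dev/null; do :; done`. `RULE` is defined outside this hunk, so confirm it is an array with one argument per element. Separately, the new `./hourglass listener` line still appends, presumably as root given the iptables calls, to the fixed path `/tmp/hourglass-listener.log`; a log under a root-owned directory such as `/var/log` avoids following a file or symlink that another user pre-created in the world-writable `/tmp`.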