debugging galore
[rrq/hourglass.git]
/
setup.sh
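--- a/setup.sh
+++ b/setup.sh
@@ -5,12 +5,19 @@
 CONF="hourglass.conf"
 function getcfg() {
- grep -E "\\s*[^;#]$1]\\s*=" $CONF | sed 's/.*=\s*(.*)/\1/;s/\s*$//'
+ awk -v K="$1" '$1==K {print;exit;}' $CONF |
+ sed 's/^[^=]*=\s*//;s/\s*$//'
 }
-
-NET="$(getcfg listener.ip)"
+NET="$(getcfg listener.net)"
 TAP="$(getcfg listener.tap)"
 SET="$(getcfg ipset.table)"
+CMD="${1-start}"
+
+cat <<EOF
+NET=$NET:
+TAP=$TAP:
+SET=$SET:
+EOF
 cd $(dirname $0)
@@ -26,8 +33,6 @@ case "$CMD" in
 else
 ipset create $SET hash:net
 fi
- iptables -A FORWARD -p tcp --dport 53 -j ACCEPT
- iptables -A FORWARD -p udp --dport 53 -j ACCEPT
 iptables -A FORWARD -m set --match-set $SET src -j DROP
 fi
 # Start the traffic listener
@@ -35,25 +40,23 @@ case "$CMD" in
 echo "Already started"
 else
 date >> /tmp/hourglass-listener.log
- newlisp listener.lsp >> /tmp/hourglass-listener.log 2>&1 &
+ ./hourglass listener >> /tmp/hourglass-listener.log 2>&1 &
 while sleep 1 ; do
 ifconfig $TAP >& /dev/null && break
- echo $TAP not up yet
+ echo $TAP not up yet >&2
 done
 ifconfig $TAP $NET.1 up
- iptables -t mangle -A FORWARD -p tcp --dport 53 -j RETURN
- iptables -t mangle -A FORWARD -p udp --dport 53 -j RETURN
 iptables -t mangle -A FORWARD ${RULE[@]}
 fi
 ;;
 stop)
- iptables -t mangle -F FORWARD
 if ifconfig $TAP >& /dev/null ; then
- pkill -2 -f listener.lsp
+ pkill -2 -f "hourglass listener"
 else
 echo "Already stopped"
 fi
 ipset flush $SET
+ iptables -t mangle -D FORWARD ${RULE[@]}
 ;;
 *)
 echo "Unknown: $CMD"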
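Review bot: getcfg's result is used without any check, so a key that the new `awk -v K="$1" '$1==K {print;exit;}'` match misses leaves NET, TAP or SET empty and the script carries on. The match needs whitespace between the key and `=` (a `listener.net=…` line does not match), and the key was renamed from `listener.ip`, so an older hourglass.conf would presumably hit this. With SET empty, `ipset flush $SET` in the stop branch becomes a bare `ipset flush`, which flushes every set on the host, and `ifconfig $TAP $NET.1 up` is handed `.1`. Next to the `cat <<EOF` dump, fail early after the three assignments: `: "${NET:?missing listener.net}" "${TAP:?missing listener.tap}" "${SET:?missing ipset.table}"`. Separately, the listener output is appended to the fixed path `/tmp/hourglass-listener.log` by a script that presumably runs as root for iptables and ipset; a log directory only root can write avoids a pre-planted file or symlink at that name.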