diff options
| author | ficus <ficus@robocracy.org> | 2012-09-11 01:16:38 +0200 |
|---|---|---|
| committer | ficus <ficus@robocracy.org> | 2012-09-12 01:25:30 +0200 |
| commit | e55744bb195f0d665332ceb48acb57b4a4e186b5 (patch) | |
| tree | 70824873c9dad07bf55c9e8101a97321f78fc6f5 /freedom-maker/source/etc/init.d/proxy | |
| parent | e109d94422d0687fc84d8aa1804c2b209785d0aa (diff) | |
| download | torouter-e55744bb195f0d665332ceb48acb57b4a4e186b5.tar.gz torouter-e55744bb195f0d665332ceb48acb57b4a4e186b5.zip | |
update to FBx public-0.1 freedom-maker
Snapshot commit with no torouter-specific changes re-applied.
Updated freedom-maker image to a significantly more recent version, used
by the FreedomBox project. This includes a shift from debian "stable" to
"testing" (wheezy), which has a Linux 3.2 kernel.
date Fri, 24 Aug 2012 03:50:41 +0000
repo git://anonscm.debian.org/freedombox/freedom-maker.git
commit de1f66f0651a3a7c306331eeda1db93535b1470a (public-0.1)
Diffstat (limited to 'freedom-maker/source/etc/init.d/proxy')
| -rwxr-xr-x | freedom-maker/source/etc/init.d/proxy | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/freedom-maker/source/etc/init.d/proxy b/freedom-maker/source/etc/init.d/proxy new file mode 100755 index 0000000..901507b --- /dev/null +++ b/freedom-maker/source/etc/init.d/proxy @@ -0,0 +1,61 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: proxy +# Required-Start: $network $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Proxy for clients. +### END INIT INFO + +set -e + +INTIF1="eth0" +INTIF2="uap0" +EXTIF="eth1" +EXTIP="`/sbin/ifconfig $EXTIF | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`" + +loadModules() { + depmod -a + modprobe ip_tables + modprobe ip_conntrack + modprobe ip_conntrack_ftp + modprobe ip_conntrack_irc + modprobe iptable_nat + modprobe ip_nat_ftp +} + +setProc() { + echo "1" > /proc/sys/net/ipv4/ip_forward + echo "1" > /proc/sys/net/ipv4/ip_dynaddr +} + +configIpTables() { + iptables -P INPUT ACCEPT + iptables -F INPUT + iptables -P OUTPUT ACCEPT + iptables -F OUTPUT + iptables -P FORWARD DROP + iptables -F FORWARD + iptables -t nat -F + + iptables -A FORWARD -i $EXTIF -o $INTIF1 -m state --state ESTABLISHED,RELATED -j ACCEPT + iptables -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT + iptables -A FORWARD -i $INTIF1 -o $EXTIF -j ACCEPT + iptables -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT + + iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE +} + +case "$1" in + start) + loadModules + setProc + configIpTables + ;; + *) + log_success_msg "Usage: /etc/init.d/proxy {start}" + exit 1 + ;; +esac |