#! /bin/sh

### BEGIN INIT INFO
# Provides:             proxy
# Required-Start:       $network $remote_fs $syslog
# Required-Stop:        $remote_fs $syslog
# Default-Start:        2 3 4 5
# Default-Stop:         0 1 6
# Short-Description:    Proxy for clients.
### END INIT INFO

set -e

INTIF1="eth0"
INTIF2="uap0"
EXTIF="eth1"
EXTIP="`/sbin/ifconfig $EXTIF | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"

loadModules() {
    depmod -a
    modprobe ip_tables
    modprobe ip_conntrack
    modprobe ip_conntrack_ftp
    modprobe ip_conntrack_irc
    modprobe iptable_nat
    modprobe ip_nat_ftp
}

setProc() {
    echo "1" > /proc/sys/net/ipv4/ip_forward
    echo "1" > /proc/sys/net/ipv4/ip_dynaddr
}

configIpTables() {
    iptables -P INPUT ACCEPT
    iptables -F INPUT
    iptables -P OUTPUT ACCEPT
    iptables -F OUTPUT
    iptables -P FORWARD DROP
    iptables -F FORWARD
    iptables -t nat -F

    iptables -A FORWARD -i $EXTIF -o $INTIF1 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i $INTIF1 -o $EXTIF -j ACCEPT
    iptables -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT

    iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
}

case "$1" in
    start)
        loadModules
        setProc
        configIpTables
        ;;
    *)
        log_success_msg "Usage: /etc/init.d/proxy {start}"
        exit 1
        ;;
esac