freedom-maker/source/etc/init.d/proxy


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

#! /bin/sh

### BEGIN INIT INFO
# Provides:             proxy
# Required-Start:       $network $remote_fs $syslog
# Required-Stop:        $remote_fs $syslog
# Default-Start:        2 3 4 5
# Default-Stop:         0 1 6
# Short-Description:    Proxy for clients.
### END INIT INFO

set -e

INTIF1="eth0"
INTIF2="uap0"
EXTIF="eth1"
EXTIP="`/sbin/ifconfig $EXTIF | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"

loadModules() {
    depmod -a
    modprobe ip_tables
    modprobe ip_conntrack
    modprobe ip_conntrack_ftp
    modprobe ip_conntrack_irc
    modprobe iptable_nat
    modprobe ip_nat_ftp
}

setProc() {
    echo "1" > /proc/sys/net/ipv4/ip_forward
    echo "1" > /proc/sys/net/ipv4/ip_dynaddr
}

configIpTables() {
    iptables -P INPUT ACCEPT
    iptables -F INPUT
    iptables -P OUTPUT ACCEPT
    iptables -F OUTPUT
    iptables -P FORWARD DROP
    iptables -F FORWARD
    iptables -t nat -F

    iptables -A FORWARD -i $EXTIF -o $INTIF1 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i $INTIF1 -o $EXTIF -j ACCEPT
    iptables -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT

    iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
}

case "$1" in
    start)
        loadModules
        setProc
        configIpTables
        ;;
    *)
        log_success_msg "Usage: /etc/init.d/proxy {start}"
        exit 1
        ;;
esac