-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathtecff-ipv6-tunnel-helper
executable file
·34 lines (31 loc) · 1.52 KB
/
tecff-ipv6-tunnel-helper
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#!/bin/bash
# this script is used on a B.A.T.M.A.N. gateway to change the routing of IPv6 packages to use the 6in4 tunnel
# dependencies: ip6tables, iproute2
if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ] || [ -z "$4" ] || [ -z "$5" ]; then
echo "missing parameters! ((up|down), BRIDGEIF, TUNIF, DEFGW, SUBNETIP)"
exit 1
fi
BRIDGEIF="$2"
TUNIF="$3"
DEFGW="$4"
SUBNETIP="$5"
if [ "$1" == "up" ]; then
ip -6 addr add $SUBNETIP dev $BRIDGEIF
ip -6 route add unreachable default metric 2000 table 42
ip -6 route add $SUBNETIP dev $BRIDGEIF table 42
ip -6 route add default via $DEFGW table 42 dev $TUNIF
ip -6 rule add iif $BRIDGEIF table 42
ip6tables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1240
ip6tables -A FORWARD -i $TUNIF -o $BRIDGEIF -m comment --comment "000 Allow v6-tunnel to bridge forwarding" -j ACCEPT
ip6tables -A FORWARD -i $BRIDGEIF -o $TUNIF -m comment --comment "000 Allow bridge to v6-tunnel forwarding" -j ACCEPT
else
systemctl stop radvd.service
ip6tables -D FORWARD -i $TUNIF -o $BRIDGEIF -m comment --comment "000 Allow v6-tunnel to bridge forwarding" -j ACCEPT
ip6tables -D FORWARD -i $BRIDGEIF -o $TUNIF -m comment --comment "000 Allow bridge to v6-tunnel forwarding" -j ACCEPT
ip6tables -D FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1240
ip -6 rule del iif $BRIDGEIF table 42
ip -6 route del default via $DEFGW table 42 dev $TUNIF
ip -6 route del $SUBNETIP dev $BRIDGEIF table 42
ip -6 route del unreachable default metric 2000 table 42
ip -6 addr del $SUBNETIP dev $BRIDGEIF
fi