Home Explore Help
Register Sign In
lixinlong
/
ctn2
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
ctn2
/
CZ_SHUNYUANLU
/
test
/
setup_ga_network.sh

setup_ga_network.sh 2.3 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. #!/bin/sh
    2. 

  2. BRIDGE=mg_bridge0
    3. 

  3. BRIDGE_BROADCAST=192.168.32.255
    4. 

  4. BRIDGE_IP=192.168.32.1
    5. 

  5. BRIDGE_IP_MASK=192.168.32.0/24
    6. 

  6. BRIDGE_MASK=255.255.255.0
    7. 

  7. PHY=eth0
    8. 

  8. TAP=tap0
    9. 

  9. 

  10. # see our network configuration
    11. 

  11. echo "Network configuration:"
    12. 

  12. timeout 1s ifconfig
    13. 

  13. timeout 1s sudo route -n    # see our gateway
    14. 

  14. timeout 1s bridge link
    15. 

  15. timeout 1s bridge fdb
    16. 

  16. echo
    17. 

  17. 

  18. # Package installation
    19. 

  19. echo "Package installation"
    20. 

  20. sudo apt-get -y install isc-dhcp-server net-tools
    21. 

  21. # sudo apt-get -y install build-essential sshpassecho "Network configuration script: Bridge"
    22. 

  22. echo
    23. 

  23. 

  24. echo "Network configuration script: TAP"
    25. 

  25. sudo ip link add $BRIDGE type bridge	# Create brige
    26. 

  26. sudo ifconfig $BRIDGE $BRIDGE_IP netmask $BRIDGE_MASK up
    27. 

  27. echo
    28. 

  28. 

  29. echo "Create $TAP attached to $BRIDGE"
    30. 

  30. sudo ip tuntap add dev $TAP mode tap	# Create tuntap
    31. 

  31. sudo ip link set $TAP master $BRIDGE	# Link tap-bridge
    32. 

  32. sudo ip link set $TAP up
    33. 

  33. echo
    34. 

  34. 

  35. echo "Network configuration script: NAT"
    36. 

  36. sudo iptables -A FORWARD -d $BRIDGE_IP_MASK -o $BRIDGE -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    37. 

  37. sudo iptables -A FORWARD -s $BRIDGE_IP_MASK -i $BRIDGE -j ACCEPT
    38. 

  38. sudo iptables -A FORWARD -i $BRIDGE -o $BRIDGE -j ACCEPT
    39. 

  39. sudo iptables -A FORWARD -o $BRIDGE -j REJECT --reject-with icmp-port-unreachable
    40. 

  40. sudo iptables -A FORWARD -i $BRIDGE -j REJECT --reject-with icmp-port-unreachable
    41. 

  41. sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK -d 224.0.0.0/24 -j RETURN
    42. 

  42. sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK -d 255.255.255.255/32 -j RETURN
    43. 

  43. sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK ! -d $BRIDGE_IP_MASK -p tcp -j MASQUERADE --to-ports 1024-65535
    44. 

  44. sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK ! -d $BRIDGE_IP_MASK -p udp -j MASQUERADE --to-ports 1024-65535
    45. 

  45. sudo iptables -t nat -A POSTROUTING -s $BRIDGE_IP_MASK ! -d $BRIDGE_IP_MASK -j MASQUERADE
    46. 

  46. echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
    47. 

  47. echo
    48. 

  48. 

  49. # Setup DHCP server
    50. 

  50. echo "Network configuration script: DHCP server"
    51. 

  51. echo "Serving from $BRIDGE_IP"
    52. 

  52. echo "dhcpd.conf:"
    53. 

  53. cat test/dhcpd.conf
    54. 

  54. echo
    55. 

  55. sudo cp test/dhcpd.conf /etc/dhcp/dhcpd.conf
    56. 

  56. sudo chmod a+w /var/lib/dhcp/*
    57. 

  57. sudo dhcpd mg_bridge0 &
    58. 

  58. echo
    59. 

  59. 

  60. # Do we have connectivity ?
    61. 

  61. echo "Check connectivity:"
    62. 

  62. wget https://cesanta.com/robots.txt
    63. 

  63. echo robots.txt:
    64. 

  64. cat  robots.txt
    65. 

  65. rm   robots.txt
    66. 

  66. echo
    67. 

  67. 

  68. # Confirm OK
    69. 

  69. echo "Done:"
    70. 

  70. timeout 1s ifconfig       
    71. 

  71. timeout 1s sudo route -n
    72. 

  72. timeout 1s bridge fdb
    73. 

  73. timeout 1s bridge link
    74. 

  74.