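#!/bin/sh
#
# Policy routing for a host with two uplinks: traffic sourced from IP_T2, or
# carrying firewall mark FWMARK, is looked up in routing table RT_TABLE, whose
# default gateway is GATEWAY_T2. Everything else uses GATEWAY_DEF.
#
# Usage: $0 [status|stop]
#   status     - print routes, rules and the mangle counters; changes nothing
#   stop       - remove the routes, rules and mangle chain installed below
#   (anything else, or no argument) - tear down as for "stop", then set up again
#
# The X.X.X.* / Y.Y.* values are redacted placeholders as published, not usable
# addresses.
#
# Scope note: this script only marks and routes packets. It installs no
# filter-table rules, so once forwarding is on, deciding what may be forwarded
# is left to the separate firewall the NAT comment below refers to.

set -u

## Variables
GATEWAY_DEF=X.X.X.25
GATEWAY_T2=Y.Y.Y.177
IP_T2=Y.Y.Y.180
IFACE_INT=eth0
RT_TABLE=2   # routing table used for the second uplink
FWMARK=66    # firewall mark that selects RT_TABLE

action=${1:-}

# Append an SNAT rule to nat/POSTROUTING unless an identical rule already exists.
# Arguments: $1 - outgoing interface, $2 - address to rewrite the source to
# Needs an iptables build that supports -C (--check).
add_snat_once() {
  iptables -t nat -C POSTROUTING -o "$1" -s 192.168.10.0/24 -j SNAT --to-source "$2" 2> /dev/null ||
    iptables -t nat -A POSTROUTING -o "$1" -s 192.168.10.0/24 -j SNAT --to-source "$2"
}

############
## Status ##
############
if [ "$action" = "status" ]
then
  # The original wrote `echo "..."\n`; outside the quotes the backslash is dropped
  # and a literal "n" was appended to every heading. Headings are unchanged here.
  printf '%s\n' "Default Route"
  ip route show
  printf '%s\n' "Spacenet Route"
  ip route show table "$RT_TABLE"
  printf '%s\n' "Rules"
  ip rule show
  printf '%s\n' "Markierungen"
  # Fails quietly (non-zero exit status) when the ROUTING chain does not exist.
  iptables -t mangle -L ROUTING -v -x 2> /dev/null
  exit
fi

##########
## Stop ##
##########
# Best-effort teardown: each command may fail when nothing was installed yet.
iptables -t mangle -D PREROUTING -j ROUTING > /dev/null 2>&1
iptables -t mangle -D FORWARD -j ROUTING > /dev/null 2>&1
iptables -t mangle -F ROUTING > /dev/null 2>&1
iptables -t mangle -X ROUTING > /dev/null 2>&1
# Flush the whole table. The original `ip route del table 2` names no prefix and
# so appears to remove only the default route, leaving the copied routes behind
# - TODO confirm against the installed iproute2.
ip route flush table "$RT_TABLE"
ip route del default via "$GATEWAY_DEF"
ip rule del from "$IP_T2" table "$RT_TABLE"
ip rule del fwmark "$FWMARK" table "$RT_TABLE"
ip route flush cache

if [ "$action" = "stop" ]
then
  echo "Routing removed"
  exit
fi

###########
## Start ##
###########
## Kernel parameter
# Enabled only when routing is being set up, so "status" and "stop" no longer
# switch forwarding on as a side effect. "stop" does not switch it off again.
echo "1" > /proc/sys/net/ipv4/conf/all/forwarding

## Create the second table: copy every non-default route from main
ip route show table main | grep -Ev '^default' | while read -r route
do
  # $route is deliberately unquoted: each route line must split into arguments.
  # shellcheck disable=SC2086
  ip route add table "$RT_TABLE" $route
done
ip route add default via "$GATEWAY_T2" table "$RT_TABLE"

## Set the default gateway
ip route add default via "$GATEWAY_DEF"

## Set the routing rules
ip rule add from "$IP_T2" table "$RT_TABLE"
ip route flush cache
ip rule add fwmark "$FWMARK" table "$RT_TABLE"

## Create the iptables chain and hook it into PREROUTING and FORWARD
iptables -t mangle -N ROUTING
iptables -t mangle -I PREROUTING -j ROUTING
iptables -t mangle -I FORWARD -j ROUTING

## Mark "Kleinwebs"
iptables -t mangle -A ROUTING -i "$IFACE_INT" -p all -d Y.Y.A.0/24 -j MARK --set-mark "$FWMARK"

## Mark "KUNDE" (customer)
iptables -t mangle -A ROUTING -i "$IFACE_INT" -p all -d Y.Y.B.0/24 -j MARK --set-mark "$FWMARK"

## Mark maintenance network
iptables -t mangle -A ROUTING -i "$IFACE_INT" -p all -d 192.168.100.0/24 -j MARK --set-mark "$FWMARK"

## Set NAT (normally this is done in the firewall)
# The original appended these rules on every run and never removed them, so each
# restart added another duplicate. They are now added only when missing. "stop"
# still leaves them in place, since an identical rule may belong to the firewall.
# The first address was written as a literal equal to IP_T2.
add_snat_once eth1 "$IP_T2"
add_snat_once eth2 X.X.X.30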