#!/bin/sh

digit=${1:-0}

iface=$(ip route | awk '/^default/{ if ($4 == "dev") print($5); }')
iface=${iface:-wlan0}
num=$(ip addr show $iface | sed -n '/\s\+inet 192/ s/\s\+inet 192\.168\.[0-9]*\.\([0-9]*\).*$/\1/ p')
num=${num:-88}

dd=$(( 59 - $digit ))


set -x

ip link add tcp$digit type veth peer name tcpp$digit
ip netns add tcpp$digit; ip link set tcpp$digit netns tcpp$digit

nsenter --net=/var/run/netns/tcpp$digit ip addr add 127.0.0.1/8 dev lo
nsenter --net=/var/run/netns/tcpp$digit ip addr add ::1/128 dev lo
nsenter --net=/var/run/netns/tcpp$digit ip link set up dev lo

ip addr add $dd.$num.99.98/31 dev tcp$digit
ip link set up dev tcp$digit

nsenter --net=/var/run/netns/tcpp$digit ip addr add $dd.$num.99.99/31 dev tcpp$digit
nsenter --net=/var/run/netns/tcpp$digit ip link set up dev tcpp$digit
nsenter --net=/var/run/netns/tcpp$digit ip route add default via $dd.$num.99.98

nsenter --net=/var/run/netns/tcpp$digit iptables -A OUTPUT -p udp -j DROP
nsenter --net=/var/run/netns/tcpp$digit iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
nsenter --net=/var/run/netns/tcpp$digit iptables -A INPUT -j DROP
iptables -I FORWARD 1 -i tcp$digit -o $iface -j DROP