blob: fc88cb29e47bef162c4bd3b644c6d076c8ea56c4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
#!/bin/sh
digit=${1:-0}
iface=$(ip route | awk '/^default/{ if ($4 == "dev") print($5); }')
iface=${iface:-wlan0}
num=$(ip addr show $iface | sed -n '/\s\+inet 192/ s/\s\+inet 192\.168\.[0-9]*\.\([0-9]*\).*$/\1/ p')
num=${num:-88}
dd=$(( 59 - $digit ))
set -x
ip link add tcp$digit type veth peer name tcpp$digit
ip netns add tcpp$digit; ip link set tcpp$digit netns tcpp$digit
nsenter --net=/var/run/netns/tcpp$digit ip addr add 127.0.0.1/8 dev lo
nsenter --net=/var/run/netns/tcpp$digit ip addr add ::1/128 dev lo
nsenter --net=/var/run/netns/tcpp$digit ip link set up dev lo
ip addr add $dd.$num.99.98/31 dev tcp$digit
ip link set up dev tcp$digit
nsenter --net=/var/run/netns/tcpp$digit ip addr add $dd.$num.99.99/31 dev tcpp$digit
nsenter --net=/var/run/netns/tcpp$digit ip link set up dev tcpp$digit
nsenter --net=/var/run/netns/tcpp$digit ip route add default via $dd.$num.99.98
nsenter --net=/var/run/netns/tcpp$digit iptables -A OUTPUT -p udp -j DROP
nsenter --net=/var/run/netns/tcpp$digit iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
nsenter --net=/var/run/netns/tcpp$digit iptables -A INPUT -j DROP
iptables -I FORWARD 1 -i tcp$digit -o $iface -j DROP
|
