-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathconfigure-he-ipv6-chains.sh
31 lines (24 loc) · 1.07 KB
/
configure-he-ipv6-chains.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/bin/bash
# Default ip6tables path on UDMP
IP6TABLES_PATH="/usr/sbin"
#UDMP-SE path
if test -f "/sbin/iptables-save"; then
IP6TABLES_PATH="/sbin"
fi
#detect active WAN interface
WAN_IFACE=$(ip route get 8.8.8.8 | awk '{ printf $5 }')
if [[ ${WAN_IFACE} =~ \. ]]; then
#may be a ppp0 interface
WAN_IFACE=$(echo "${WAN_IFACE}" | grep -o '\.[^.]*$' | sed 's/\.//')
fi
# check to see if WAN interface rules have been re-created
if ${IP6TABLES_PATH}/ip6tables-save | grep -Fqi "${WAN_IFACE}" ; then
# if he-ipv6 entries still exist, remove them before proceeding
if ${IP6TABLES_PATH}/ip6tables-save | grep -Fqi "he-ipv6" ; then
echo "Removing old he-ipv6 references..."
${IP6TABLES_PATH}/ip6tables-save | sed '/he-ipv6/Id' | ${IP6TABLES_PATH}/ip6tables-restore
fi
# export ip6tables, replace WAN interface entries with he-ipv6
echo "Updating ip6tables to replace ${WAN_IFACE} with he-ipv6..."
${IP6TABLES_PATH}/ip6tables-save | sed "s/${WAN_IFACE}/he-ipv6/g" | sed "s/${WAN_IFACE^^}/HE-IPV6/g" | ${IP6TABLES_PATH}/ip6tables-restore
fi