Update hotspot_iprule.sh, Support subnet forward for usb shared network (#1411)
This commit is contained in:
ThermalEng
GitHub
@@ -22,7 +22,10 @@ get_tun_iface() {
|
|||||||
ip link | awk -F': ' '/ tun[[:alnum:]]+/ {print $2; exit}'
|
ip link | awk -F': ' '/ tun[[:alnum:]]+/ {print $2; exit}'
|
||||||
}
|
}
|
||||||
get_hot_iface() {
|
get_hot_iface() {
|
||||||
ip link | awk -F': ' '/(^| )(swlan[[:alnum:]_]*|softap[[:alnum:]_]*|ap[[:alnum:]_]*)\:/ {print $2; exit}' | cut -d'@' -f1 | head -n1
|
ip link | awk -F': ' '/(^| )(swlan[[:alnum:]_]*|softap[[:alnum:]_]*|p2p-wlan[[:alnum:]_]*|ap[[:alnum:]_]*)\:/ {print $2; exit}' | cut -d'@' -f1 | head -n1
|
||||||
|
}
|
||||||
|
get_usb_iface() {
|
||||||
|
ip link | awk -F': ' '/(^| )(usb[[:alnum:]_]*|rndis[[:alnum:]_]*|eth[[:alnum:]_]*)\:/ {print $2; exit}' | cut -d'@' -f1 | head -n1
|
||||||
}
|
}
|
||||||
get_hot_cidr() {
|
get_hot_cidr() {
|
||||||
ip -4 addr show dev "$1" | awk '/inet /{print $2; exit}'
|
ip -4 addr show dev "$1" | awk '/inet /{print $2; exit}'
|
||||||
@@ -33,10 +36,12 @@ set_nat_rules() {
|
|||||||
ET_IFACE=$(get_et_iface)
|
ET_IFACE=$(get_et_iface)
|
||||||
[ -z "$ET_IFACE" ] && ET_IFACE="$(get_tun_iface)"
|
[ -z "$ET_IFACE" ] && ET_IFACE="$(get_tun_iface)"
|
||||||
HOT_IFACE=$(get_hot_iface)
|
HOT_IFACE=$(get_hot_iface)
|
||||||
|
USB_IFACE=$(get_usb_iface)
|
||||||
HOT_CIDR=$(get_hot_cidr "$HOT_IFACE")
|
HOT_CIDR=$(get_hot_cidr "$HOT_IFACE")
|
||||||
|
USB_CIDR=$(get_hot_cidr "$USB_IFACE")
|
||||||
|
|
||||||
# 如果热点关闭就删除自定义链
|
# 如果热点关闭就删除自定义链
|
||||||
[ -n "$ET_IFACE" ] && [ -n "$HOT_CIDR" ] || return 1
|
[ -n "$ET_IFACE" ] && { [ -n "$HOT_CIDR" ] || [ -n "$USB_CIDR" ]; } || return 1
|
||||||
|
|
||||||
# 创建自定义链(如不存在)
|
# 创建自定义链(如不存在)
|
||||||
iptables -t nat -N ET_NAT 2>/dev/null
|
iptables -t nat -N ET_NAT 2>/dev/null
|
||||||
@@ -49,13 +54,22 @@ set_nat_rules() {
|
|||||||
iptables -I FORWARD 1 -j ET_FWD
|
iptables -I FORWARD 1 -j ET_FWD
|
||||||
|
|
||||||
# 添加规则
|
# 添加规则
|
||||||
iptables -t nat -A ET_NAT -s "$HOT_CIDR" -o "$ET_IFACE" -j MASQUERADE
|
if [ -n "$HOT_CIDR" ]; then
|
||||||
iptables -A ET_FWD -i "$HOT_IFACE" -o "$ET_IFACE" \
|
iptables -t nat -A ET_NAT -s "$HOT_CIDR" -o "$ET_IFACE" -j MASQUERADE
|
||||||
-m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
|
iptables -A ET_FWD -i "$HOT_IFACE" -o "$ET_IFACE" \
|
||||||
iptables -A ET_FWD -i "$ET_IFACE" -o "$HOT_IFACE" \
|
-m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
|
||||||
-m state --state ESTABLISHED,RELATED -j ACCEPT
|
iptables -A ET_FWD -i "$ET_IFACE" -o "$HOT_IFACE" \
|
||||||
|
-m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||||
echo "[ET-NAT] Rules applied: $HOT_IFACE $HOT_CIDR ↔ $ET_IFACE" >> "$LOG_FILE"
|
echo "[ET-NAT] Rules applied: $HOT_IFACE $HOT_CIDR ↔ $ET_IFACE" >> "$LOG_FILE"
|
||||||
|
fi
|
||||||
|
if [ -n "$USB_CIDR" ]; then
|
||||||
|
iptables -t nat -A ET_NAT -s "$USB_CIDR" -o "$ET_IFACE" -j MASQUERADE
|
||||||
|
iptables -A ET_FWD -i "$USB_IFACE" -o "$ET_IFACE" \
|
||||||
|
-m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
|
||||||
|
iptables -A ET_FWD -i "$ET_IFACE" -o "$USB_IFACE" \
|
||||||
|
-m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||||
|
echo "[ET-NAT] Rules applied: $USB_IFACE $USB_CIDR ↔ $ET_IFACE" >> "$LOG_FILE"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
flush_rules() {
|
flush_rules() {
|
||||||
|
|||||||
Reference in New Issue
Block a user