if [ $# -lt 1 ]
then
- echo "Usage: $(basename "$0") external_interface" 1>&2
+ echo "Usage: $(basename "$0") external_interface [external_addr]" 1>&2
exit 64
fi
exit 1
fi
+is_router=0
+if [ $# -gt 1 ]
+then
+ is_router=1
+ EXT_ADDR="$2"
+fi
+
$IPTABLES -F
$IPTABLES -F INPUT
$IPTABLES -X
$IPTABLES -A INPUT -m policy --dir in --pol ipsec -j ACCEPT
$IP6TABLES -A INPUT -m policy --dir in --pol ipsec -j ACCEPT
+if [ $is_router -gt 0 ]
+then
+ $IPTABLES -t nat -A POSTROUTING -o ${EXT_IF} -j SNAT --to ${EXT_ADDR}
+fi
+
./services.sh ${EXT_IF}
create_drop_chain xenophobe