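#!/bin/bash
#
# Author: Amos Kong <kongjianjun@gmail.com>
# Date: Apr 14, 2011
# Description: this script is used to create/delete a private bridge,
# launch a dhcp server on the bridge by dnsmasq.
#
# @ ./set_private_br.sh $bridge_name $subnet_prefix
# @ ./set_private_br.sh vbr0 192.168.33
# @ ./set_private_br.sh              (no arguments: tear down the default bridge)
#
# The script writes under /proc/sys, edits the iptables nat table and stops
# system services, so it is meant to be run with the privileges those need.
# Both arguments end up in a /proc path and in command lines executed with
# those privileges; they are validated before anything is touched.
#
# Host-wide side effects of add_br that del_br does not undo:
#   - net.ipv4.ip_forward is set to 1 for the whole host
#   - the dnsmasq and tftpd-hpa init services are stopped

brname='vbr0'
subnet='192.168.33'

# Print a message to stderr and exit with status 2.
die() {
  printf '%s: %s\n' "${0##*/}" "$*" >&2
  exit 2
}

# Succeed only for a plausible interface name: 1-15 characters, starting with
# an alphanumeric (so no leading '-' that a tool could read as an option, and
# no '.' or '..'), and no '/' or whitespace (so the name cannot change the
# /proc path it is spliced into).
valid_brname() {
  [[ "$1" =~ ^[A-Za-z0-9][A-Za-z0-9_.-]{0,14}$ ]]
}

# Succeed only for a three-octet prefix such as 192.168.33 with every octet
# in 0..255.
valid_subnet() {
  local octet
  [[ "$1" =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]] || return 1
  for octet in "${BASH_REMATCH[@]:1}"; do
    # 10# forces base 10 so that an octet like 010 is not read as octal.
    ((10#$octet <= 255)) || return 1
  done
  return 0
}

# Create the bridge $brname with address $subnet.1, NAT its /24 to the
# outside and serve DHCP on it with dnsmasq.
# Globals: brname (read), subnet (read), tftp_cmd (read, optional)
# Each step is best-effort: a failing command does not stop the next one.
add_br() {
  echo "add new private bridge: $brname"
  /usr/sbin/brctl addbr "$brname"
  echo 1 > "/proc/sys/net/ipv6/conf/$brname/disable_ipv6"
  # Enables IPv4 forwarding for the whole host, not only for this bridge.
  echo 1 > /proc/sys/net/ipv4/ip_forward
  /usr/sbin/brctl stp "$brname" on
  /usr/sbin/brctl setfd "$brname" 0
  ifconfig "$brname" "$subnet.1"
  ifconfig "$brname" up
  # Add forward rule, then guest can access public network
  iptables -t nat -A POSTROUTING -s "$subnet.254/24" ! -d "$subnet.254/24" -j MASQUERADE
  /etc/init.d/dnsmasq stop
  /etc/init.d/tftpd-hpa stop 2> /dev/null
  # tftp_cmd is not set anywhere in this script; if the caller exports it, it
  # is word-split into extra dnsmasq options, so it must come from a trusted
  # source. Left unquoted on purpose.
  # shellcheck disable=SC2086
  dnsmasq --strict-order --bind-interfaces --listen-address "$subnet.1" \
    --dhcp-range "$subnet.1,$subnet.254" $tftp_cmd
}

# Tear down what add_br created: the dnsmasq instance listening on
# $subnet.1, the bridge and the MASQUERADE rule.
# Globals: brname (read), subnet (read)
del_br() {
  echo "cleanup bridge setup"
  # Signal only the dnsmasq that was started for this subnet instead of
  # whichever dnsmasq happens to have the highest PID; another instance on
  # the host may belong to a different service. TERM lets it exit cleanly.
  # [.] keeps the dots literal in pkill's extended regex.
  pkill -TERM -f "dnsmasq .*--listen-address ${subnet//./[.]}[.]1( |\$)"
  ifconfig "$brname" down
  /usr/sbin/brctl delbr "$brname"
  iptables -t nat -D POSTROUTING -s "$subnet.254/24" ! -d "$subnet.254/24" -j MASQUERADE
}

if (($# == 0)); then
  del_br 2> /dev/null
  exit
fi

# At least one argument is present here. A test written as `[ $# > 1 ]` is a
# redirection into a file named "1", not a comparison, so the name is simply
# taken from $1.
brname="$1"
if (($# == 2)); then
  subnet="$2"
fi

valid_brname "$brname" || die "invalid bridge name: $brname"
valid_subnet "$subnet" || die "invalid subnet prefix (expected e.g. 192.168.33): $subnet"

add_br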