1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159
|
#!/bin/sh
RCDLINKS="2,S45 3,S45 6,K45"
################################################################################
# Script to create a gre or ipip tunnel -- Shorewall 1.2
#
# Modified - Steve Cowles 5/9/2000
# Incorporated init {start|stop} syntax and iproute2 usage
#
# This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
#
# (c) 2000,2001,2002 - Tom Eastep (teastep@shorewall.net)
#
# Modify the following variables to match your configuration
#
# chkconfig: 2345 26 89
# description: GRE/IP Tunnel
#
################################################################################
#
# Type of tunnel (gre or ipip)
#
tunnel_type=gre
# Name of the tunnel
#
tunnel="dfwbos"
#
# Address of your External Interface (only required for gre tunnels)
#
myrealip="x.x.x.x"
# Address of the local system -- this is the address of one of your
# local interfaces (or for a mobile host, the address that this system has
# when attached to the local network).
#
myip="192.168.1.254"
# Address of the Remote system -- this is the address of one of the
# remote system's local interfaces (or if the remote system is a mobile host,
# the address that it uses when attached to the local network).
hisip="192.168.9.1"
# Internet address of the Remote system
#
gateway="x.x.x.x"
# Remote sub-network -- if the remote system is a gateway for a
# private subnetwork that you wish to
# access, enter it here. If the remote
# system is a stand-alone/mobile host, leave this
# empty
subnet="192.168.9.0/24"
PATH=$PATH:/sbin:/usr/sbin:/usr/local/sbin
load_modules () {
case $tunnel_type in
ipip)
echo "Loading IP-ENCAP Module"
modprobe ipip
;;
gre)
echo "Loading GRE Module"
modprobe ip_gre
;;
esac
}
do_stop() {
if [ -n "`ip link show $tunnel 2>/dev/null`" ]; then
echo "Stopping $tunnel"
ip link set dev $tunnel down
fi
if [ -n "`ip addr show $tunnel 2>/dev/null`" ]; then
echo "Deleting $tunnel"
ip tunnel del $tunnel
fi
}
do_start() {
#NOTE: Comment out the next line if you have built gre/ipip into your kernel
load_modules
if [ -n "`ip link show $tunnel 2>/dev/null`" ]; then
do_stop
fi
echo "Adding $tunnel"
case $tunnel_type in
gre)
ip tunnel add $tunnel mode gre remote $gateway local $myrealip ttl 255
;;
*)
ip tunnel add $tunnel mode ipip remote $gateway
;;
esac
echo "Starting $tunnel"
ip link set dev $tunnel up
case $tunnel_type in
gre)
ip addr add $myip dev $tunnel
;;
*)
ip addr add $myip peer $hisip dev $tunnel
;;
esac
#
# As with all interfaces, the 2.4 kernels will add the obvious host
# route for this point-to-point interface
#
if [ -n "$subnet" ]; then
echo "Adding Routes"
case $tunnel_type in
gre)
ip route add $subnet dev $tunnel
;;
ipip)
ip route add $subnet via $gateway dev $tunnel onlink
;;
esac
fi
}
case "$1" in
start)
do_start
;;
stop)
do_stop
;;
restart)
do_stop
sleep 1
do_start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0
|