natbox-spec-surge.rcS revision 1648:4214fd0ea44d
1#!/bin/sh
2EXTIF=192.168.0.7
3INTIF=10.0.0.1
4CLIENT=10.0.0.2
5
6echo "setting up network..."
7ifconfig lo 127.0.0.1
8ifconfig eth0 $EXTIF txqueuelen 1000
9ifconfig eth1 $INTIF txqueuelen 1000
10
11echo "0" > /proc/sys/net/ipv4/tcp_timestamps
12echo "0" > /proc/sys/net/ipv4/tcp_sack
13echo "1" > /proc/sys/net/ipv4/tcp_vegas_cong_avoid
14echo "262144" > /proc/sys/net/ipv4/ip_conntrack_max
15echo "5000000 5000000 5000000" > /proc/sys/net/ipv4/tcp_rmem
16echo "5000000 5000000 5000000" > /proc/sys/net/ipv4/tcp_wmem
17echo "5000000 5000000 5000000" > /proc/sys/net/ipv4/tcp_mem
18echo "262143" > /proc/sys/net/core/rmem_max
19echo "262143" > /proc/sys/net/core/wmem_max
20echo "262143" > /proc/sys/net/core/rmem_default
21echo "262143" > /proc/sys/net/core/wmem_default
22echo "262143" > /proc/sys/net/core/optmem_max
23echo "100000" > /proc/sys/net/core/netdev_max_backlog
24
25echo "1" > /proc/sys/net/ipv4/ip_forward
26
27echo "262144" > /proc/sys/net/ipv4/ip_conntrack_max
28
29echo "waiting for netserver..."
30/usr/bin/netcat -c -l -p 8000
31
32echo "setting up iptables..."
33IPTABLES=/sbin/iptables
34EXTIF=eth0
35INTIF=eth1
36
37$IPTABLES -P INPUT ACCEPT
38$IPTABLES -F INPUT
39$IPTABLES -P OUTPUT ACCEPT
40$IPTABLES -F OUTPUT
41$IPTABLES -P FORWARD DROP
42$IPTABLES -F FORWARD
43$IPTABLES -t nat -F
44
45$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
46$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
47$IPTABLES -A FORWARD -j LOG
48
49$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
50
51echo "informing client..."
52sleep 5
53echo "server ready" | /usr/bin/netcat -c $CLIENT 8000
54
55echo "starting bash..."
56exec /bin/bash
57