arcanis/dotfiles
1
0
Fork 0
mirror of https://github.com/arcan1s/dotfiles.git synced 2025-10-31 15:43:40 +00:00
Code Issues Projects Releases Wiki Activity
Files
a44024a09d1efe5ceda8e145c63a465291a368b1
dotfiles/tunctl
arcan1s 4bfc5c458a add tunctl
2015-03-22 14:57:44 +03:00

148 lines
3.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# ssh config
IDENTITY="/root/.ssh/id_rsa"
SSH_SOCKET="/run/ssh-tunnel.sock"
SSH_USER="root"
# network config
LOCAL_IP="10.0.0.2"
PORTS="5432 20 21 10090:10100"
REMOTE_IP="10.0.0.1"
REMOTE_EXTIP="185.82.216.108"
REMOTE_EXTIF="eth0"
# daemon
SLEEPTIME="5m"
# notifications
FROM="server@repo.arcanis.name"
TO="darkarcanis@mail.ru"
SUBJECT="Server status report"
# cmds
IFCFG="/sbin/ifconfig"
IPT="/sbin/iptables"
MAIL="/usr/bin/mail"
SSH="/usr/bin/ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
-o TCPKeepAlive=yes -o ServerAliveInterval=600 -o ServerAliveCountMax=360 \
-o ControlMaster=auto -o PasswordAuthentication=no -i ${IDENTITY} "
function send_mail() {
local MESSAGE="${1}"
echo "${MESSAGE}" | "${MAIL}" -r "${FROM}" -s "${SUBJECT}" "${TO}"
}
function do_start() {
[ -e "${SSH_SOCKET}" ] && rm -f "${SSH_SOCKET}"
${SSH} -M -S "${SSH_SOCKET}" -f -w 0:0 "${SSH_USER}"@"${REMOTE_EXTIP}" \
"${IFCFG}" tun0 "${REMOTE_IP}"/30 pointopoint "${LOCAL_IP}"
"${IFCFG}" tun0 "${LOCAL_IP}"/30 pointopoint "${REMOTE_IP}"
# send_mail "Tunnel has been started"
}
function do_stop() {
${SSH} -S "${SSH_SOCKET}" -O exit "${SSH_USER}"@"${REMOTE_EXTIP}"
[ -e "${SSH_SOCKET}" ] && rm -f "${SSH_SOCKET}"
# send_mail "Tunnel has been stoped"
}
function do_table() {
local PORT="${1}"
${SSH} "${SSH_USER}"@"${REMOTE_EXTIP}" \
"${IPT}" -t nat -A PREROUTING --dst "${REMOTE_EXTIP}" -p tcp --dport "${PORT}" -j DNAT --to-destination "${LOCAL_IP}"
${SSH} "${SSH_USER}"@"${REMOTE_EXTIP}" \
"${IPT}" -t nat -A POSTROUTING --dst "${LOCAL_IP}" -p tcp --dport "${PORT}" -j SNAT --to-source "${REMOTE_IP}"
${SSH} "${SSH_USER}"@"${REMOTE_EXTIP}" \
"${IPT}" -t nat -A OUTPUT --dst "${REMOTE_EXTIP}" -p tcp --dport "${PORT}" -j DNAT --to-destination "${LOCAL_IP}"
${SSH} "${SSH_USER}"@"${REMOTE_EXTIP}" \
"${IPT}" -I FORWARD 1 -i "${REMOTE_EXTIF}" -o tun0 -d "${LOCAL_IP}" -p tcp -m tcp --dport "${PORT}" -j ACCEPT
}
function do_clear_table() {
${SSH} "${SSH_USER}"@"${REMOTE_EXTIP}" "${IPT}" -t nat -F
${SSH} "${SSH_USER}"@"${REMOTE_EXTIP}" "${IPT}" -t nat -X
}
function do_add_table() {
local PORT
for PORT in ${PORTS}; do do_table "${PORT}"; done
}
function do_restart() {
if do_ping; then
do_clear_table
do_stop
fi
do_start
sleep 2
do_add_table
}
function do_ping() {
ping -c 4 -q "${REMOTE_IP}" &> /dev/null && return 0 || return 1
}
function do_daemon() {
while true; do
sleep "${SLEEPTIME}"
echo "Check tunnel"
if ! do_ping; then
echo "Restart tunnel"
do_restart
fi
done
}
case "${1}" in
start)
echo "Start tunnel"
do_ping && exit 0
do_start
sleep 2
do_add_table
;;
stop)
echo "Stop tunnel"
do_ping || exit 0
do_clear_table
do_stop
;;
restart)
echo "Restart tunnel"
if do_ping; then
do_restart
else
do_start
sleep 2
do_add_table
fi
;;
ping)
if do_ping; then
echo "Active"
exit 0
else
echo "Inactive"
exit 1
fi
;;
check)
if ! do_ping; then
echo "Restart tunnel"
do_restart
fi
;;
daemon)
do_daemon
;;
*)
echo "Usage tunctl start|stop|restart|ping|check|daemon"
exit 1
;;
esac
exit 0
Reference in New Issue View Git Blame Copy Permalink