Initial commit
commit
69e4e23515
|
@ -0,0 +1,70 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# -- DEFAULT POLICIES --
|
||||||
|
iptables -P INPUT ACCEPT
|
||||||
|
iptables -P FORWARD ACCEPT
|
||||||
|
iptables -P OUTPUT ACCEPT
|
||||||
|
|
||||||
|
# -- CLEAR --
|
||||||
|
iptables -F
|
||||||
|
iptables -X
|
||||||
|
iptables -t nat -F
|
||||||
|
iptables -t mangle -F
|
||||||
|
iptables -t nat -X
|
||||||
|
iptables -t mangle -X
|
||||||
|
|
||||||
|
# https://www.opennet.ru/docs/RUS/LARTC/x348.html
|
||||||
|
IF1=wan0
|
||||||
|
IP1=192.168.2.3
|
||||||
|
P1_NET=192.168.2/24
|
||||||
|
P1=192.168.2.2
|
||||||
|
T1=81
|
||||||
|
|
||||||
|
IF2=wifi0
|
||||||
|
IP2=192.168.43.107
|
||||||
|
P2_NET=192.168.43.0/24
|
||||||
|
P2=192.168.43.1
|
||||||
|
T2=82
|
||||||
|
|
||||||
|
IF0=docker0
|
||||||
|
P0_NET=172.17.0.0/24
|
||||||
|
|
||||||
|
ip route add $P1_NET dev $IF1 src $IP1 table T1
|
||||||
|
ip route add default via $P1 table T1
|
||||||
|
ip route add $P2_NET dev $IF2 src $IP2 table T2
|
||||||
|
ip route add default via $P2 table T2
|
||||||
|
|
||||||
|
ip route add $P1_NET dev $IF1 src $IP1
|
||||||
|
ip route add $P2_NET dev $IF2 src $IP2
|
||||||
|
|
||||||
|
ip route add default via $P1
|
||||||
|
|
||||||
|
for i in `seq 10`; do
|
||||||
|
ip rule del from $IP1 table T1 2>/dev/null
|
||||||
|
ip rule del from $IP2 table T2 2>/dev/null
|
||||||
|
done
|
||||||
|
|
||||||
|
ip rule add from $IP1 table T1
|
||||||
|
ip rule add from $IP2 table T2
|
||||||
|
|
||||||
|
ip route add $P0_NET dev $IF0 table T1
|
||||||
|
ip route add $P2_NET dev $IF2 table T1
|
||||||
|
ip route add 127.0.0.0/8 dev lo table T1
|
||||||
|
ip route add $P0_NET dev $IF0 table T2
|
||||||
|
ip route add $P1_NET dev $IF1 table T2
|
||||||
|
ip route add 127.0.0.0/8 dev lo table T2
|
||||||
|
|
||||||
|
route del default gw $P1 $IF1 2>/dev/null
|
||||||
|
route del default gw $P1 $IF1 2>/dev/null
|
||||||
|
route del default gw $P2 $IF2 2>/dev/null
|
||||||
|
route del default gw $P2 $IF2 2>/dev/null
|
||||||
|
ip route del default via $P1 dev $IF1 2>/dev/null
|
||||||
|
ip route del default via $P2 dev $IF2 2>/dev/null
|
||||||
|
#route add default gw $P1 $IF1
|
||||||
|
#route add default gw $P2 $IF2
|
||||||
|
|
||||||
|
ip route add default scope global nexthop via $P1 dev $IF1 weight 1 \
|
||||||
|
nexthop via $P2 dev $IF2 weight 1
|
||||||
|
|
||||||
|
iptables -t nat -A POSTROUTING -o $IF1 -j MASQUERADE
|
||||||
|
iptables -t nat -A POSTROUTING -o $IF2 -j MASQUERADE
|
|
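Review bot: The three `iptables -P … ACCEPT` lines followed by `iptables -F` / `-X` on the filter, nat and mangle tables leave the host with no packet filtering, and they discard rules installed by other software; since the script routes for `docker0`, that presumably includes Docker's own chains. With `FORWARD` at ACCEPT and an unscoped `-j MASQUERADE` on both uplinks, any traffic that reaches the host can be forwarded and NATed out, so I would drop the blanket flush and limit the NAT rules to the local source net, e.g. `iptables -t nat -A POSTROUTING -s "$P0_NET" -o "$IF1" -j MASQUERADE`. Separately, `T1=81` and `T2=82` are assigned but every `ip` command passes the literal names `table T1` / `table T2`, which resolve only if those names are defined in /etc/iproute2/rt_tables; `table "$T1"` and `table "$T2"` look like the intent. The failures are easy to miss because several commands redirect stderr to /dev/null and nothing checks exit status.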
@ -0,0 +1,88 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#https://help.ubuntu.ru/wiki/ip_balancing#%D1%81%D0%BF%D0%BE%D1%81%D0%BE%D0%B1_1
|
||||||
|
|
||||||
|
################### CONFIG ############
|
||||||
|
BeeLine="/etc/routing/BeeLine.list"
|
||||||
|
### Home Network
|
||||||
|
l_eth=docker0
|
||||||
|
l_ip=172.17.0.1
|
||||||
|
l_net=172.17.0.0/24
|
||||||
|
|
||||||
|
########### Local ISP Network #########
|
||||||
|
li_net=172.17.0.0/24
|
||||||
|
|
||||||
|
########### ISP1 ######################
|
||||||
|
i1_eth=wifi0
|
||||||
|
i1_ip=192.168.43.107
|
||||||
|
i1_net=192.168.43.0/24
|
||||||
|
i1_gw=192.168.43.1
|
||||||
|
|
||||||
|
########### ISP2 ######################
|
||||||
|
i2_eth=wan0
|
||||||
|
i2_ip=192.168.2.3
|
||||||
|
i2_net=192.168.0.0/16
|
||||||
|
i2_gw=192.168.2.2
|
||||||
|
|
||||||
|
#########ip route2 tables##############
|
||||||
|
t1=101
|
||||||
|
t2=102
|
||||||
|
#######################################
|
||||||
|
|
||||||
|
########### Flushing ##################
|
||||||
|
iptables -t mangle -F NEW_OUT_CONN
|
||||||
|
iptables -t mangle -F PREROUTING
|
||||||
|
iptables -t mangle -F OUTPUT
|
||||||
|
iptables -t mangle -X NEW_OUT_CONN
|
||||||
|
ip route flush table $t2
|
||||||
|
ip rule del table $t2
|
||||||
|
ip route flush table $t1
|
||||||
|
ip rule del table $t1
|
||||||
|
ip route flush cache
|
||||||
|
#######################################
|
||||||
|
|
||||||
|
iptables -t mangle -N NEW_OUT_CONN
|
||||||
|
iptables -t mangle -A NEW_OUT_CONN -j CONNMARK --set-mark 1
|
||||||
|
iptables -t mangle -A NEW_OUT_CONN -m statistic --mode random --probability 0.50 -j RETURN
|
||||||
|
iptables -t mangle -A NEW_OUT_CONN -j CONNMARK --set-mark 2
|
||||||
|
|
||||||
|
#for file in $BeeLine; do
|
||||||
|
#if [ -f "$file" ]; then
|
||||||
|
#{ cat "$file" ; echo ; } | while read ip_addr; do
|
||||||
|
#if [ "$ip_addr" != "" ]; then
|
||||||
|
#echo "Статическая маршрутизация для $ip_addr"
|
||||||
|
#iptables -t mangle -A NEW_OUT_CONN -d $ip_addr -j CONNMARK --set-mark 1
|
||||||
|
#fi
|
||||||
|
#done
|
||||||
|
#fi
|
||||||
|
#done
|
||||||
|
|
||||||
|
iptables -t mangle -A PREROUTING -d $l_net -j RETURN
|
||||||
|
iptables -t mangle -A PREROUTING -d $li_net -j RETURN
|
||||||
|
|
||||||
|
iptables -t mangle -A PREROUTING -s $l_net -m state --state new,related -j NEW_OUT_CONN
|
||||||
|
iptables -t mangle -A PREROUTING -s $l_net -j CONNMARK --restore-mark
|
||||||
|
|
||||||
|
iptables -t mangle -A OUTPUT -d $l_net -j RETURN
|
||||||
|
iptables -t mangle -A OUTPUT -d $li_net -j RETURN
|
||||||
|
|
||||||
|
iptables -t mangle -A OUTPUT -s $l_net -m state --state new,related -j NEW_OUT_CONN
|
||||||
|
iptables -t mangle -A OUTPUT -s $li_net -j CONNMARK --restore-mark
|
||||||
|
|
||||||
|
ip route add $l_net dev $l_eth scope link table $t1
|
||||||
|
ip route add $i2_net dev $i2_eth scope link table $t1
|
||||||
|
ip route add $i1_net dev $i1_eth scope link src $i1_ip table $t1
|
||||||
|
ip route add 127.0.0.0/8 dev lo scope link table $t1
|
||||||
|
ip route add default via $i1_gw table $t1
|
||||||
|
|
||||||
|
ip rule add prio 51 fwmark 1 table $t1
|
||||||
|
ip rule add from $i1_ip table $t1
|
||||||
|
|
||||||
|
ip route add $l_net dev $l_eth scope link table $t2
|
||||||
|
ip route add $i1_net dev $i1_eth scope link table $t2
|
||||||
|
ip route add $i2_net dev $i2_eth scope link src $i2_ip table $t2
|
||||||
|
ip route add 127.0.0.0/8 dev lo scope link table $t2
|
||||||
|
ip route add default via $i2_gw table $t2
|
||||||
|
|
||||||
|
ip rule add prio 52 fwmark 2 table $t2
|
||||||
|
ip rule add from $i2_ip table $t2
|
|
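Review bot: The Flushing block does not undo what an earlier run added: `ip rule del table $t1` removes one rule per call, while the script adds two rules per table (the `fwmark` rule and the `from $i1_ip` rule), so every rerun leaves a stale policy rule behind. A loop such as `while ip rule del table "$t1" 2>/dev/null; do :; done` (and the same for `$t2`) clears them all. `iptables -t mangle -F PREROUTING` and `-F OUTPUT` also empty the built-in chains for every user of the mangle table, so packet marks set by other tooling on the host (VPN or container networking, if present) are lost; putting this script's PREROUTING/OUTPUT rules in chains of its own and flushing only those would avoid that. The fourth file section on this page has identical content and the same issue.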
@ -0,0 +1,38 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Load balance multiple internet connections. Requires iproute2, awk and grep.
|
||||||
|
# (C) 2016 Tobias Girstmair, isticktoit.net, GPLv2
|
||||||
|
# Also useful: speedometer -l -r eth1 -t eth1 -m $(( 1024 * 1024 * 3 / 2 ))
|
||||||
|
# Not much user error checking is done - only pass working network connections
|
||||||
|
|
||||||
|
# script needs root to work and at least two interfaces to be useful
|
||||||
|
[ $EUID -eq 0 -a $# -ge 2 ] || {
|
||||||
|
echo "Usage (as root): $0 iface1[:weight1] iface2[:weight2] ..." >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
get_free_tblnum() { # http://stackoverflow.com/a/28702075
|
||||||
|
awk -v RS='\\s+' '{ a[$1] } END { for(i = 10; i in a; ++i); print i }'</etc/iproute2/rt_tables
|
||||||
|
}
|
||||||
|
|
||||||
|
loadbal() {
|
||||||
|
IFS=':' read IFACE WEIGHT <<< "$1"
|
||||||
|
TABLE="${IFACE}loadbalance"
|
||||||
|
if ! grep -q -w "$TABLE" /etc/iproute2/rt_tables ; then
|
||||||
|
echo "$(get_free_tblnum) $TABLE" >> /etc/iproute2/rt_tables
|
||||||
|
fi
|
||||||
|
MY_IP=$(ip -o -4 addr show $IFACE |awk -F'(\\s|/)+' '{print $4}')
|
||||||
|
GW_IP=$(ip route show dev $IFACE | awk '/default/ {print $3}')
|
||||||
|
SUBNT=$(ip route show dev $IFACE | awk '/proto kernel/ {print $1}')
|
||||||
|
|
||||||
|
ip route add $SUBNT dev $IFACE src $MY_IP table $TABLE
|
||||||
|
ip route add default via $GW_IP table $TABLE
|
||||||
|
#ip rule add from $MY_IP table $TABLE
|
||||||
|
ip rule add from 127.0.0.1 table $TABLE
|
||||||
|
#ip rule add from all table $TABLE
|
||||||
|
echo nexthop via $GW_IP dev $IFACE weight ${WEIGHT:-1}
|
||||||
|
}
|
||||||
|
|
||||||
|
ip route add default scope global $(for IF in "$@"; do loadbal $IF; done)
|
||||||
|
|
||||||
|
|
|
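Review bot: `loadbal` takes the interface name straight from the command line and, running as root, appends it to /etc/iproute2/rt_tables and passes it unquoted to `ip` without checking that it names an existing interface. An argument with whitespace or a typo therefore writes a junk line into rt_tables, and an interface without a default route leaves `GW_IP` empty so the `ip route add default via $GW_IP` call is malformed. Because `loadbal` runs inside `$( … )`, a failure there does not stop the final `ip route add default scope global`, which then runs with a partial nexthop list. I would validate the name, weight and looked-up addresses, make the variables `local`, and have the caller check the result, as sketched below.

```shell
loadbal() {
  local IFACE WEIGHT TABLE MY_IP GW_IP SUBNT
  IFS=':' read -r IFACE WEIGHT <<< "$1"
  # Accept only a plain name of an interface that exists, before it is
  # written to rt_tables or handed to ip.
  [[ $IFACE =~ ^[[:alnum:]][[:alnum:]_.-]*$ && -e /sys/class/net/$IFACE ]] || {
    echo "not a network interface: $IFACE" >&2
    return 1
  }
  [[ ${WEIGHT:-1} =~ ^[0-9]+$ ]] || { echo "bad weight: $WEIGHT" >&2; return 1; }
  # … unchanged: rt_tables entry, MY_IP / GW_IP / SUBNT lookup …
  [[ -n $MY_IP && -n $GW_IP && -n $SUBNT ]] || {
    echo "no address or default route on $IFACE" >&2
    return 1
  }
  # … unchanged: ip route / ip rule calls, nexthop line …
}

nexthops=$(for IF in "$@"; do loadbal "$IF" || exit 1; done) || exit 1
# Unquoted on purpose: each nexthop word must be a separate argument.
ip route add default scope global $nexthops
```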
@ -0,0 +1,88 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#https://help.ubuntu.ru/wiki/ip_balancing#%D1%81%D0%BF%D0%BE%D1%81%D0%BE%D0%B1_1
|
||||||
|
|
||||||
|
################### CONFIG ############
|
||||||
|
BeeLine="/etc/routing/BeeLine.list"
|
||||||
|
### Home Network
|
||||||
|
l_eth=docker0
|
||||||
|
l_ip=172.17.0.1
|
||||||
|
l_net=172.17.0.0/24
|
||||||
|
|
||||||
|
########### Local ISP Network #########
|
||||||
|
li_net=172.17.0.0/24
|
||||||
|
|
||||||
|
########### ISP1 ######################
|
||||||
|
i1_eth=wifi0
|
||||||
|
i1_ip=192.168.43.107
|
||||||
|
i1_net=192.168.43.0/24
|
||||||
|
i1_gw=192.168.43.1
|
||||||
|
|
||||||
|
########### ISP2 ######################
|
||||||
|
i2_eth=wan0
|
||||||
|
i2_ip=192.168.2.3
|
||||||
|
i2_net=192.168.0.0/16
|
||||||
|
i2_gw=192.168.2.2
|
||||||
|
|
||||||
|
#########ip route2 tables##############
|
||||||
|
t1=101
|
||||||
|
t2=102
|
||||||
|
#######################################
|
||||||
|
|
||||||
|
########### Flushing ##################
|
||||||
|
iptables -t mangle -F NEW_OUT_CONN
|
||||||
|
iptables -t mangle -F PREROUTING
|
||||||
|
iptables -t mangle -F OUTPUT
|
||||||
|
iptables -t mangle -X NEW_OUT_CONN
|
||||||
|
ip route flush table $t2
|
||||||
|
ip rule del table $t2
|
||||||
|
ip route flush table $t1
|
||||||
|
ip rule del table $t1
|
||||||
|
ip route flush cache
|
||||||
|
#######################################
|
||||||
|
|
||||||
|
iptables -t mangle -N NEW_OUT_CONN
|
||||||
|
iptables -t mangle -A NEW_OUT_CONN -j CONNMARK --set-mark 1
|
||||||
|
iptables -t mangle -A NEW_OUT_CONN -m statistic --mode random --probability 0.50 -j RETURN
|
||||||
|
iptables -t mangle -A NEW_OUT_CONN -j CONNMARK --set-mark 2
|
||||||
|
|
||||||
|
#for file in $BeeLine; do
|
||||||
|
#if [ -f "$file" ]; then
|
||||||
|
#{ cat "$file" ; echo ; } | while read ip_addr; do
|
||||||
|
#if [ "$ip_addr" != "" ]; then
|
||||||
|
#echo "Статическая маршрутизация для $ip_addr"
|
||||||
|
#iptables -t mangle -A NEW_OUT_CONN -d $ip_addr -j CONNMARK --set-mark 1
|
||||||
|
#fi
|
||||||
|
#done
|
||||||
|
#fi
|
||||||
|
#done
|
||||||
|
|
||||||
|
iptables -t mangle -A PREROUTING -d $l_net -j RETURN
|
||||||
|
iptables -t mangle -A PREROUTING -d $li_net -j RETURN
|
||||||
|
|
||||||
|
iptables -t mangle -A PREROUTING -s $l_net -m state --state new,related -j NEW_OUT_CONN
|
||||||
|
iptables -t mangle -A PREROUTING -s $l_net -j CONNMARK --restore-mark
|
||||||
|
|
||||||
|
iptables -t mangle -A OUTPUT -d $l_net -j RETURN
|
||||||
|
iptables -t mangle -A OUTPUT -d $li_net -j RETURN
|
||||||
|
|
||||||
|
iptables -t mangle -A OUTPUT -s $l_net -m state --state new,related -j NEW_OUT_CONN
|
||||||
|
iptables -t mangle -A OUTPUT -s $li_net -j CONNMARK --restore-mark
|
||||||
|
|
||||||
|
ip route add $l_net dev $l_eth scope link table $t1
|
||||||
|
ip route add $i2_net dev $i2_eth scope link table $t1
|
||||||
|
ip route add $i1_net dev $i1_eth scope link src $i1_ip table $t1
|
||||||
|
ip route add 127.0.0.0/8 dev lo scope link table $t1
|
||||||
|
ip route add default via $i1_gw table $t1
|
||||||
|
|
||||||
|
ip rule add prio 51 fwmark 1 table $t1
|
||||||
|
ip rule add from $i1_ip table $t1
|
||||||
|
|
||||||
|
ip route add $l_net dev $l_eth scope link table $t2
|
||||||
|
ip route add $i1_net dev $i1_eth scope link table $t2
|
||||||
|
ip route add $i2_net dev $i2_eth scope link src $i2_ip table $t2
|
||||||
|
ip route add 127.0.0.0/8 dev lo scope link table $t2
|
||||||
|
ip route add default via $i2_gw table $t2
|
||||||
|
|
||||||
|
ip rule add prio 52 fwmark 2 table $t2
|
||||||
|
ip rule add from $i2_ip table $t2
|