2022-07-25 12:42:33 +00:00
|
|
|
#! /bin/bash
|
|
|
|
|
|
|
|
|
|
# This is a hack.
|
2022-12-02 08:21:58 +00:00
|
|
|
# - Docker sets the default route to 169.254.224.1 which is the host-side of the bridge.
|
2022-07-25 12:42:33 +00:00
|
|
|
# - Our 'router' instance likes to receive all the traffic instead.
|
2022-12-02 08:21:58 +00:00
|
|
|
# - Remove host's bridge ip of 169.254.224.1
|
|
|
|
|
# - Router's init.sh script will take over 169.254.224.1
|
|
|
|
|
# An alternative would be to assign a default gw in user's sf-shell
|
|
|
|
|
# and use nsenter -n to change the default route (without giving NET_ADMIN
|
|
|
|
|
# to the user).
|
|
|
|
|
|
2022-07-25 12:42:33 +00:00
|
|
|
ERREXIT()
|
|
|
|
|
{
|
|
|
|
|
local code
|
|
|
|
|
code="$1"
|
|
|
|
|
shift 1
|
|
|
|
|
|
|
|
|
|
[[ -z $code ]] && exit 0
|
|
|
|
|
echo -e >&2 "$@"
|
|
|
|
|
exit "$code"
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-02 08:21:58 +00:00
|
|
|
l=$(ip addr show | grep -F "inet ${NET_LG_ROUTER_IP}" | head -n1)
|
2022-07-25 12:42:33 +00:00
|
|
|
[[ -z $l ]] && ERREXIT 255 "Failed to find network"
|
|
|
|
|
|
2022-07-28 13:33:08 +00:00
|
|
|
DEV="$(echo "$l" | awk '{ print $7; }')"
|
2022-12-02 08:21:58 +00:00
|
|
|
[[ -z $DEV ]] && ERREXIT 254 "Failed to find device (l=$l)"
|
2022-07-25 12:42:33 +00:00
|
|
|
|
2022-12-02 08:21:58 +00:00
|
|
|
# Remove _any_ ip from the interface. This means LGs can never exit
|
|
|
|
|
# to the Internet via the host but still route packets to sf-router.
|
|
|
|
|
# sf-router is taking over the IP NET_LG_ROUTER_IP
|
|
|
|
|
ip link set "$DEV" arp off
|
|
|
|
|
ip addr flush "$DEV"
|
