#!/bin/sh

# Quick and dirty IP Masquerade script

export PATH="$PATH:/usr/sbin:/sbin"

# Local interface (where your friend's laptop is connected)
# IP address: 192.168.42.1, netmask: 255.255.255.0
# Tell your friend to pick an IP address on that network,
# and use your IP address as default gateway.

LAN=eth1

# Interface on which you're connected to the Internet
INTERNET=wlan0


case "$1" in
  start|reload|force-reload|restart)

    echo -n "Installing qdnat"
    
    ifconfig $LAN 192.168.42.1
    ifconfig $LAN up

    echo 0 > /proc/sys/net/ipv4/ip_forward

    iptables --flush
    iptables --delete-chain

    #
    # input chain
    #

    iptables -F INPUT
    iptables -P INPUT DROP

    iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED

    iptables -A INPUT -i lo -j ACCEPT
    iptables -A INPUT -p icmp -j ACCEPT
    iptables -A INPUT -j DROP

    #
    # output chain
    #

    iptables -F OUTPUT
    iptables -P OUTPUT ACCEPT

    #
    # forward chain
    #

    iptables -F FORWARD
    iptables -P FORWARD DROP

    iptables -A FORWARD -s 192.168.1.0/24 -d 0.0.0.0/0 -j ACCEPT
    iptables -A FORWARD -d 192.168.1.0/24 -s 0.0.0.0/0 -j ACCEPT

    iptables -A FORWARD -j DROP

    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

    echo 1 > /proc/sys/net/ipv4/ip_forward

    echo "."
    ;;

  stop)
    echo 0 > /proc/sys/net/ipv4/ip_forward
    iptables -F INPUT
    iptables -P INPUT ACCEPT
    iptables -F OUTPUT
    iptables -P OUTPUT ACCEPT

    iptables -F FORWARD
    iptables -P FORWARD DROP

    ifconfig $LAN down
    ;;

  *) 
    echo "Usage: $0 {start|stop|reload|force-reload|restart}"
    exit 1

esac

exit 0