pve/scripts/build_nat_network.sh

85 lines
2.4 KiB
Bash
Raw Normal View History

2023-02-23 21:42:24 +08:00
#!/bin/bash
2023-02-24 09:56:53 +08:00
#from https://github.com/spiritLHLS/pve
2023-02-23 21:58:44 +08:00
2023-02-24 14:28:18 +08:00
# 打印信息
_red() { echo -e "\033[31m\033[01m$@\033[0m"; }
_green() { echo -e "\033[32m\033[01m$@\033[0m"; }
_yellow() { echo -e "\033[33m\033[01m$@\033[0m"; }
_blue() { echo -e "\033[36m\033[01m$@\033[0m"; }
2023-04-24 08:35:14 +08:00
export LC_ALL=en_US.utf8
export LANG=en_US.utf8
2023-02-24 14:28:18 +08:00
2023-04-10 13:48:37 +08:00
API_NET=("ip.sb" "ipget.net" "ip.ping0.cc" "https://ip4.seeip.org" "https://api.my-ip.io/ip" "https://ipv4.icanhazip.com" "api.ipify.org")
for p in "${API_NET[@]}"; do
response=$(curl -s4m8 "$p")
sleep 1
if [ $? -eq 0 ] && ! echo "$response" | grep -q "error"; then
IP_API="$p"
break
fi
done
IPV4=$(curl -s4m8 "$IP_API")
2023-02-24 14:28:18 +08:00
# 查询信息
2023-02-24 09:56:53 +08:00
interface=$(lshw -C network | awk '/logical name:/{print $3}' | head -1)
2023-04-24 00:17:08 +08:00
if [ -z "$interface" ]; then
interface="eth0"
fi
in_ip=$(ifconfig ${interface} | grep "inet " | awk '{print $2}')
if [ -z "$in_ip" ]; then
ip=${IPV4}/24
else
ip=${in_ip}/24
fi
2023-02-24 09:56:53 +08:00
gateway=$(ip route | awk '/default/ {print $3}')
2023-02-24 14:28:18 +08:00
# 录入网关
2023-02-24 13:50:58 +08:00
if grep -q "vmbr0" /etc/network/interfaces; then
2023-02-24 14:28:18 +08:00
echo "vmbr0 已存在在 /etc/network/interfaces"
2023-02-24 13:50:58 +08:00
else
2023-02-24 13:53:12 +08:00
cat << EOF | sudo tee -a /etc/network/interfaces
auto vmbr0
iface vmbr0 inet static
address $ip
gateway $gateway
bridge_ports $interface
bridge_stp off
bridge_fd 0
EOF
2023-02-24 13:50:58 +08:00
fi
if grep -q "vmbr1" /etc/network/interfaces; then
2023-02-24 14:28:18 +08:00
echo "vmbr1 已存在在 /etc/network/interfaces"
2023-02-24 13:50:58 +08:00
else
2023-02-24 13:53:12 +08:00
cat << EOF | sudo tee -a /etc/network/interfaces
auto vmbr1
iface vmbr1 inet static
address 172.16.1.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up echo 1 > /proc/sys/net/ipv4/conf/vmbr1/proxy_arp
post-up iptables -t nat -A POSTROUTING -s '172.16.1.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '172.16.1.0/24' -o vmbr0 -j MASQUERADE
EOF
2023-02-24 13:50:58 +08:00
fi
2023-02-24 09:56:53 +08:00
2023-04-10 14:34:28 +08:00
# 加载iptables并设置回源且允许NAT端口转发
2023-04-10 14:56:29 +08:00
apt-get install -y iptables iptables-persistent
2023-04-10 14:32:13 +08:00
iptables -t nat -A POSTROUTING -j MASQUERADE
2023-04-10 14:34:28 +08:00
sysctl net.ipv4.ip_forward=1
2023-04-10 14:42:45 +08:00
sysctl_path=$(which sysctl)
2023-04-10 14:40:44 +08:00
if grep -q "^net.ipv4.ip_forward=1" /etc/sysctl.conf; then
if grep -q "^#net.ipv4.ip_forward=1" /etc/sysctl.conf; then
sed -i 's/^#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
fi
else
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
fi
2023-04-10 14:42:45 +08:00
${sysctl_path} -p
2023-04-10 13:48:37 +08:00
2023-02-24 14:28:18 +08:00
# 重启配置
2023-02-24 09:56:53 +08:00
service networking restart
2023-02-23 22:03:19 +08:00
systemctl restart networking.service