#!/bin/sh

# Copyright (C) 2012  Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.

# $Id: a9d8089e2230606c0e0a2558c80afede6c52f95b $

set -x

ip -6 tunnel add tun0 mode ipip6 remote 2001::1 local 2001:0:0:1::2 \
 dev eth0 encaplimit none
ip link set tun0 up
ip addr add 192.0.0.2 peer 192.0.0.1 dev tun0
ip route add default via 192.0.0.1
ip -6 route add 2001::/48 via 2001:0:0:1::1

iptables -t nat -N SDCTLD
iptables -t nat -A PREROUTING -d 198.18.200.111 -i eth1 -j SDCTLD
iptables -t filter -N SDCTLD
iptables -t filter -A FORWARD -i eth0 ! -o eth0 -j SDCTLD

iptables -t nat -A POSTROUTING ! -o eth0 -p tcp -j SNAT \
 --to-source 198.18.200.111:1024-1535
iptables -t nat -A POSTROUTING ! -o eth0 -p udp -j SNAT \
 --to-source 198.18.200.111:1024-1535
iptables -t nat -A POSTROUTING ! -o eth0 -p icmp -j SNAT \
 --to-source 198.18.200.111:1024-1535
#iptables -t nat -A POSTROUTING ! -o eth0 -j SNAT --to-source 198.18.200.111

