10 ip link add name $ETUN0 type veth peer name $ETUN1
11 ifconfig $ETUN1 10.0.$KEY.1/24 up
13 iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
14 iptables -A FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
15 iptables -A FORWARD -i $ETUN1 -o eth0 -j ACCEPT
17 ### Create "grab link" script
18 GRAB=/vsys/local_grab-$ETUN0
19 echo $SLICE > $GRAB.acl
26 ip link set $ETUN0 netns \$PID
30 ### Create "delete link" script
31 DELETE=/vsys/local_delete-$ETUN0
32 echo $SLICE > $DELETE.acl
39 # Remove iptables rules
40 iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
41 iptables -D FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
42 iptables -D FORWARD -i $ETUN1 -o eth0 -j ACCEPT
44 # Get rid of etun devices, only need name of one of them
45 ip link delete dev $ETUN1
49 rm -f $DELETE $DELETE.acl