#!/bin/sh +x

IP=/sbin/ip

SLICE=$1
SLICEID=`id -u $SLICE`
read KEY

modprobe etun

### Setup etun
ETUN0=nat$KEY
ETUN1=natx$KEY
echo $ETUN0,$ETUN1 > /sys/module/etun/parameters/newif
ifconfig $ETUN1 10.0.$KEY.1 up

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i $ETUN1 -o eth0 -j ACCEPT

### Create "grab link" script
GRAB=/vsys/local_grab-$ETUN0
echo $SLICE > $GRAB.acl 
rm -f $GRAB
cat > $GRAB <<EOF
#!/bin/sh

read PID

chcontext --ctx 1 -- echo \$PID > /sys/class/net/$ETUN0/new_ns_pid 
EOF
chmod +x $GRAB

### Create "delete link" script
DELETE=/vsys/local_delete-$ETUN0
echo $SLICE > $DELETE.acl 
rm -f $DELETE
cat > $DELETE <<EOF
#!/bin/sh

read NULL

# Remove iptables rules
/sbin/iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -D FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -D FORWARD -i $ETUN1 -o eth0 -j ACCEPT

# Get rid of etun devices, only need name of one of them
echo $ETUN1 > /sys/module/etun/parameters/delif

# Clean up files
rm -f $GRAB $GRAB.acl
rm -f $DELETE $DELETE.acl

EOF
chmod +x $DELETE