#!/bin/sh +x
+IP=/sbin/ip
+
SLICE=$1
SLICEID=`id -u $SLICE`
read INDEX
LINK=${KEY}if${INDEX}
modprobe ip_gre
+modprobe etun
### Setup EGRE tunnel
EGRE=d$LINK
-ip tunnel add $EGRE mode gre type eth remote $REMOTE key $KEY ttl 64
-ip link set $EGRE up
+$IP tunnel add $EGRE mode gre/eth remote $REMOTE key $KEY
+$IP link set $EGRE up
### Setup etun
ETUN0=a$LINK
ETUN1=b$LINK
-ip link add name $ETUN0 type veth peer name $ETUN1
+echo $ETUN0,$ETUN1 > /sys/module/etun/parameters/newif
ifconfig $ETUN0 mtu 1458 up
ifconfig $ETUN1 up
read PID
-ip link set $ETUN0 netns $PID
+chcontext --ctx 1 -- echo \$PID > /sys/class/net/$ETUN0/new_ns_pid
EOF
chmod +x $GRAB
iptables -t mangle -D FORWARD -o $BRIDGE -j MARK --set-mark $SLICEID
# Get rid of etun devices, only need name of one of them
-ip link delete dev $ETUN1
+echo $ETUN1 > /sys/module/etun/parameters/delif
# Get rid of bridge
ifconfig $BRIDGE down
#!/bin/sh +x
+IP=/sbin/ip
+
SLICE=$1
SLICEID=`id -u $SLICE`
read KEY
+modprobe etun
+
### Setup etun
ETUN0=nat$KEY
ETUN1=natx$KEY
-ip link add name $ETUN0 type veth peer name $ETUN1
+echo $ETUN0,$ETUN1 > /sys/module/etun/parameters/newif
ifconfig $ETUN1 10.0.$KEY.1 up
-iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
-iptables -A FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-iptables -A FORWARD -i $ETUN1 -o eth0 -j ACCEPT
+/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+/sbin/iptables -A FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
+/sbin/iptables -A FORWARD -i $ETUN1 -o eth0 -j ACCEPT
### Create "grab link" script
GRAB=/vsys/local_grab-$ETUN0
read PID
-ip link set $ETUN0 netns $PID
+chcontext --ctx 1 -- echo \$PID > /sys/class/net/$ETUN0/new_ns_pid
EOF
chmod +x $GRAB
read NULL
# Remove iptables rules
-iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
-iptables -D FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-iptables -D FORWARD -i $ETUN1 -o eth0 -j ACCEPT
+/sbin/iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
+/sbin/iptables -D FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
+/sbin/iptables -D FORWARD -i $ETUN1 -o eth0 -j ACCEPT
# Get rid of etun devices, only need name of one of them
-ip link delete dev $ETUN1
+echo $ETUN1 > /sys/module/etun/parameters/delif
# Clean up files
rm -f $GRAB $GRAB.acl