Listing 1. Final Script for iptables
#!/bin/bash
#
# kidnet - start/stop masquerading for child's machine
# (C) 2003 Glenn R. Stone - http://www.liawol.org
# GPL Version 2 - # http://www.gnu.org/copyleft/gpl.html
#
# Usage - crontab:
# mm hh dd MM WW /usr/local/bin/kidnet down
#
# mm hh dd MM WW /usr/local/bin/kidnet up
#
# from command line:
# kidnet up - bring up NOW. Yells if GROUNDED.
# kidnet down - bring down NOW. Yells if FREE.
# kidnet ground - bring down NOW and stay down.
# kidnet free - bring net up NOW and stay up.
# kidnet unground - undo GROUNDED, *brings net up.*
# **** FIXME if you don't want unground to auto-up, modify the script
# kidnet unfree - undo FREE - DOES NOT BRING NET DOWN
#
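# customizeables
# Address of the child's machine. The block rule matches on this source
# address only, so it applies only while that machine keeps the address
# (give it a static address or a fixed DHCP lease).
VICTIM=192.168.0.101
# shellcheck disable=SC2034 -- not referenced in this listing; kept for local edits
SUBNET=192.168.0.0/24
# Rule specification as an array so each word reaches iptables as its own
# argument without relying on unquoted word splitting.
RULE=(FORWARD -s "$VICTIM" -o eth0 -j REJECT)
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Prefix of the marker files (.UP, .DOWN, .GROUNDED, .FREE).
STATE=/var/run/kidnet

# Without iptables nothing can be enforced. The exit status stays 0 as in
# the original, but the reason goes to stderr so a cron run reports that
# the restriction was NOT applied instead of passing silently.
if ! command -v iptables >/dev/null 2>&1; then
  echo "kidnet: iptables not found; no rule was changed." >&2
  exit 0
fi

# Abort on the first failing command so a marker file is never written
# after an iptables call that did not succeed.
set -e

case "$1" in
  up)
    if [ -f "$STATE.GROUNDED" ]; then
      echo "Kidnet is GROUNDED... sorry."
    else
      # Remove every copy of the block rule, not just the first one, in
      # case it was inserted more than once. The loop ends on the first
      # failed delete, i.e. when no matching rule is left.
      while iptables -D "${RULE[@]}" 2>/dev/null; do
        :
      done
      rm -f "$STATE.DOWN"
      touch "$STATE.UP"
      echo "Kidnet access is UP."
    fi
    ;;
  down)
    if [ -f "$STATE.FREE" ]; then
      echo "FREE is set. Kidnet still UP."
    elif iptables -C "${RULE[@]}" 2>/dev/null; then
      # Decide from the live rule set, not from the marker file: the two
      # can drift apart (firewall reload or flush, restored rule set), and
      # trusting a stale .DOWN marker would leave access open.
      # Needs an iptables that supports -C; where it does not, the check
      # fails and the rule is simply inserted again below.
      touch "$STATE.DOWN"
      rm -f "$STATE.UP"
      echo "Kidnet already DOWN."
    else
      iptables -I "${RULE[@]}"
      touch "$STATE.DOWN"
      rm -f "$STATE.UP"
      echo "Kidnet is DOWN."
    fi
    ;;
  ground)
    # GROUNDED overrides FREE: drop the FREE marker before forcing down.
    rm -f "$STATE.FREE"
    touch "$STATE.GROUNDED"
    "$0" down
    echo "Kidnet is GROUNDED."
    ;;
  unground)
    rm -f "$STATE.GROUNDED"
    "$0" up
    echo "Kidnet is UNGROUNDED"
    ;;
  free)
    rm -f "$STATE.GROUNDED"
    touch "$STATE.FREE"
    "$0" up
    echo "Kidnet is FREE."
    ;;
  unfree)
    # Only clears the marker; the net stays up until the next "down".
    rm -f "$STATE.FREE"
    echo "Kidnet is returned to normal operation."
    "$0" status
    ;;
  status)
    # Reports the marker files only; it does not query the firewall.
    # Globbing replaces parsing the output of ls, and an unmatched
    # pattern is skipped instead of producing an ls error.
    for marker in "$STATE".*; do
      [ -e "$marker" ] || continue
      echo "Kidnet is ${marker##*.}"
    done
    ;;
  *)
    echo "Usage: kidnet {up|down|ground|free|unground|unfree|status}" >&2
    exit 1
    ;;
esac
exit 0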