add ssrun.sh
This commit is contained in:
parent
91896c5c4a
commit
c742379e13
GPG key ID:
22618F758B5BE2E5
1 changed files with 42 additions and 0 deletions
42
ssrun
Executable file
42
ssrun
Executable file
|
|
@ -0,0 +1,42 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
set_prefix="cgroup:ip:transparent_proxy cgroup:ip6:transparent_proxy_v6"
|
||||||
|
while [ -n "$1" ]; do
|
||||||
|
[ "$1" == '-4' ] && set_prefix="cgroup:ip:transparent_proxy" || act="$1"
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
act="${act:-bp}"
|
||||||
|
case "$act" in
|
||||||
|
bp)
|
||||||
|
nftset="tcp_bypass udp_bypass"
|
||||||
|
;;
|
||||||
|
fw)
|
||||||
|
nftset="tcp_enforce udp_enforce"
|
||||||
|
;;
|
||||||
|
bp_tcp)
|
||||||
|
nftset="tcp_bypass"
|
||||||
|
;;
|
||||||
|
bp_udp)
|
||||||
|
nftset="udp_bypass"
|
||||||
|
;;
|
||||||
|
fw_tcp)
|
||||||
|
nftset="tcp_enforce"
|
||||||
|
;;
|
||||||
|
fw_udp)
|
||||||
|
nftset="udp_enforce"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo -e 'Usage: ssrun [-4] action\nerror: action should be one of:\n\tbp fw bp_tcp bp_udp fw_tcp fw_udp'
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
nftsets=""
|
||||||
|
for p in $set_prefix; do
|
||||||
|
for s in $nftset; do
|
||||||
|
nftsets="$nftsets $p:$s"
|
||||||
|
done
|
||||||
|
done
|
||||||
|
echo "act=${act} nftsets=${nftsets:1}"
|
||||||
|
envf="$(mktemp /tmp/envXXXXXXXX)"
|
||||||
|
env > "$envf"
|
||||||
|
sudo systemd-run --uid $(id -u) --gid $(id -g) -p NFTSet="${nftsets:1}" --collect -p EnvironmentFile="$envf" -p ExecStartPost="/usr/bin/rm -- $envf" -S
|
||||||
Loading…
Reference in a new issue