dejayc/fixNlc.sh

## fixNlc.sh
#!/bin/bash
LAN_INTERFACE=''
BRIDGE_INTERFACE=''

SCRIPT_NAME=$( basename "${0}" )
POLL_SLEEP_SECONDS=5

getProcessInfo() {
    local PROCESS="${1}"
    ps -ef | grep "${PROCESS}" | grep -v "grep ${PROCESS}"
}

verifyIpfw() {
    sysctl -a net.inet.ip.scopedroute # 0
    sysctl -a net.inet.ip.forwarding # 1
    sysctl -a net.inet.ip.fw.enable # 1
}

populateInterfaceNames() {
    local NATPMPD=$( getProcessInfo natpmpd )

    [[ "${NATPMPD}" != '' ]] || {
        cat <<ERROR
ERROR: Could not find natpmpd.  This script is only appropriate for Mac OS X \
Lion with Internet Sharing is enabled.
ERROR
        exit 2
    }

    local NATPMPD_PROCESS=$(
        echo "${NATPMPD}" | sed \
's/.*-[xy][[:space:]]*\([^[:space:]]*\)'\
'.*[[:space:]]\([^[:space:]]*\)$/\1 \2/g' )

    LAN_INTERFACE=$( echo "${NATPMPD_PROCESS}" | awk '{print $1}' )
    BRIDGE_INTERFACE=$( echo "${NATPMPD_PROCESS}" | awk '{print $2}' )

    [[ "${LAN_INTERFACE}" != '' && "${BRIDGE_INTERFACE}" != '' ]] || {
        cat <<ERROR
ERROR: Could not determine the bridged interfaces from the command parameters \
for natpmpd.  This script is only appropriate on Mac OS X Lion when Internet \
Sharing is enabled.
ERROR
        exit 2
    }
}

prepareScript() {
    populateInterfaceNames
}

executeFix() {
    executeFixIpfwRules && return 0

    echo \
No ipfw rules found for Network Link Conditioner that need to be fixed.
    return 1
}

executeFixIpfwRules() {
    local IPFW_RULES=$( ipfw list 2> /dev/null )

    [[ "${IPFW_RULES}" != '' ]] || {
        cat <<ERROR
ERROR: Could not inspect the state of ipfw.  ipfw is either not running, \
not installed, or could not be found in the PATH for this user.  Or, perhaps \
this script was not invoked by an account with root privileges.
ERROR
        exit 2
    }

    local IPFW_PIPE_RULES_IN=$(
        echo "${IPFW_RULES}" | grep "pipe [0-9]* ip from any to any in" )
    local IPFW_PIPE_RULES_OUT=$(
        echo "${IPFW_RULES}" | grep "pipe [0-9]* ip from any to any out" )

    [[ "${IPFW_PIPE_RULES_IN}" != '' || \
       "${IPFW_PIPE_RULES_OUT}" != '' ]] || return 1

    echo -e "${IPFW_PIPE_RULES_IN}" | {
        while read line
        do
            local RULE_NUM=$( echo "${line}" | awk '{print $1}' )
            local PIPE_NUM=$( echo "${line}" | awk '{print $3}' )
            [[ "${RULE_NUM}" != '' && "${PIPE_NUM}" != '' ]] || continue

            echo "Line: '${line}'"
            echo "Processing input rule ${RULE_NUM} for pipe ${PIPE_NUM}"
            ipfw delete "${RULE_NUM}"
            ipfw add "${RULE_NUM}" pipe "${PIPE_NUM}" ip from any to any \
xmit "${BRIDGE_INTERFACE}" recv "${LAN_INTERFACE}" in
        done
    }

    echo -e "${IPFW_PIPE_RULES_OUT}" | {
        while read line
        do
            local RULE_NUM=$( echo "${line}" | awk '{print $1}' )
            local PIPE_NUM=$( echo "${line}" | awk '{print $3}' )
            [[ "${RULE_NUM}" != '' && "${PIPE_NUM}" != '' ]] || continue

            echo "Line: '${line}'"
            echo "Processing output rule ${RULE_NUM} for pipe ${PIPE_NUM}"
            ipfw delete "${RULE_NUM}"
            ipfw add "${RULE_NUM}" pipe "${PIPE_NUM}" ip from any to any \
xmit "${LAN_INTERFACE}" recv "${BRIDGE_INTERFACE}" out
        done
    }
}

executePollingMode() {
    local PLURALIZED="second$( [[ ${POLL_SLEEP_SECONDS} -ne 1 ]] && echo s )"

    cat <<MESSAGE
Polling every ${POLL_SLEEP_SECONDS} ${PLURALIZED} for changes to Network \
Link Conditioner firewall rules...
MESSAGE

    while true
    do
        executeFixIpfwRules
        sleep ${POLL_SLEEP_SECONDS}
    done
}

showUsage() {
    cat <<USAGE
USAGE: ${SCRIPT_NAME} [-p]
Fixes Network Link Conditioner firewall settings when Internet Sharing is \
enabled in Mac OS X Lion.

This script must be executed with root privileges every time a new profile \
is selected within Network Link Conditioner.  Alternatively, this script can \
be launched in polling mode, in which Network Link Conditioner changes are \
detected automatically.

-p runs this script continually in polling mode, to automatically detect \
changes in Network Link Conditioner.

Compatible with Mac OS X Lion only.
USAGE
}

execute() {
    local EXEC_PARAM=$( echo "${1}" | tr [:upper:] [:lower:] )

    case "${EXEC_PARAM}" in
    '-p')
        prepareScript
        executePollingMode
        ;;
    '-?'|'--?'|'/?'|'-h'|'--h'|'/h'|'-help'|'--help'|'/help'|'help')
        showUsage
        exit 1
        ;;
    '')
        prepareScript
        executeFix
        return ${?}
        ;;
    *)
        echo "ERROR: Unknown parameter '${EXEC_PARAM}' specified"
        showUsage
        exit 1
        ;;
    esac
}

execute "${@}"
	#!/bin/bash
	LAN_INTERFACE=''
	BRIDGE_INTERFACE=''

	SCRIPT_NAME=$( basename "${0}" )
	POLL_SLEEP_SECONDS=5

	getProcessInfo() {
	local PROCESS="${1}"
	ps -ef \| grep "${PROCESS}" \| grep -v "grep ${PROCESS}"
	}

	verifyIpfw() {
	sysctl -a net.inet.ip.scopedroute # 0
	sysctl -a net.inet.ip.forwarding # 1
	sysctl -a net.inet.ip.fw.enable # 1
	}

	populateInterfaceNames() {
	local NATPMPD=$( getProcessInfo natpmpd )

	[[ "${NATPMPD}" != '' ]] \|\| {
	cat <<ERROR
	ERROR: Could not find natpmpd. This script is only appropriate for Mac OS X \
	Lion with Internet Sharing is enabled.
	ERROR
	exit 2
	}

	local NATPMPD_PROCESS=$(
	echo "${NATPMPD}" \| sed \
	's/.-[xy][[:space:]]\([^[:space:]]*\)'\
	'.[[:space:]]\([^[:space:]]\)$/\1 \2/g' )

	LAN_INTERFACE=$( echo "${NATPMPD_PROCESS}" \| awk '{print $1}' )
	BRIDGE_INTERFACE=$( echo "${NATPMPD_PROCESS}" \| awk '{print $2}' )

	[[ "${LAN_INTERFACE}" != '' && "${BRIDGE_INTERFACE}" != '' ]] \|\| {
	cat <<ERROR
	ERROR: Could not determine the bridged interfaces from the command parameters \
	for natpmpd. This script is only appropriate on Mac OS X Lion when Internet \
	Sharing is enabled.
	ERROR
	exit 2
	}
	}

	prepareScript() {
	populateInterfaceNames
	}

	executeFix() {
	executeFixIpfwRules && return 0

	echo \
	No ipfw rules found for Network Link Conditioner that need to be fixed.
	return 1
	}

	executeFixIpfwRules() {
	local IPFW_RULES=$( ipfw list 2> /dev/null )

	[[ "${IPFW_RULES}" != '' ]] \|\| {
	cat <<ERROR
	ERROR: Could not inspect the state of ipfw. ipfw is either not running, \
	not installed, or could not be found in the PATH for this user. Or, perhaps \
	this script was not invoked by an account with root privileges.
	ERROR
	exit 2
	}

	local IPFW_PIPE_RULES_IN=$(
	echo "${IPFW_RULES}" \| grep "pipe [0-9]* ip from any to any in" )
	local IPFW_PIPE_RULES_OUT=$(
	echo "${IPFW_RULES}" \| grep "pipe [0-9]* ip from any to any out" )

	[[ "${IPFW_PIPE_RULES_IN}" != '' \|\| \
	"${IPFW_PIPE_RULES_OUT}" != '' ]] \|\| return 1

	echo -e "${IPFW_PIPE_RULES_IN}" \| {
	while read line
	do
	local RULE_NUM=$( echo "${line}" \| awk '{print $1}' )
	local PIPE_NUM=$( echo "${line}" \| awk '{print $3}' )
	[[ "${RULE_NUM}" != '' && "${PIPE_NUM}" != '' ]] \|\| continue

	echo "Line: '${line}'"
	echo "Processing input rule ${RULE_NUM} for pipe ${PIPE_NUM}"
	ipfw delete "${RULE_NUM}"
	ipfw add "${RULE_NUM}" pipe "${PIPE_NUM}" ip from any to any \
	xmit "${BRIDGE_INTERFACE}" recv "${LAN_INTERFACE}" in
	done
	}

	echo -e "${IPFW_PIPE_RULES_OUT}" \| {
	while read line
	do
	local RULE_NUM=$( echo "${line}" \| awk '{print $1}' )
	local PIPE_NUM=$( echo "${line}" \| awk '{print $3}' )
	[[ "${RULE_NUM}" != '' && "${PIPE_NUM}" != '' ]] \|\| continue

	echo "Line: '${line}'"
	echo "Processing output rule ${RULE_NUM} for pipe ${PIPE_NUM}"
	ipfw delete "${RULE_NUM}"
	ipfw add "${RULE_NUM}" pipe "${PIPE_NUM}" ip from any to any \
	xmit "${LAN_INTERFACE}" recv "${BRIDGE_INTERFACE}" out
	done
	}
	}

	executePollingMode() {
	local PLURALIZED="second$( [[ ${POLL_SLEEP_SECONDS} -ne 1 ]] && echo s )"

	cat <<MESSAGE
	Polling every ${POLL_SLEEP_SECONDS} ${PLURALIZED} for changes to Network \
	Link Conditioner firewall rules...
	MESSAGE

	while true
	do
	executeFixIpfwRules
	sleep ${POLL_SLEEP_SECONDS}
	done
	}

	showUsage() {
	cat <<USAGE
	USAGE: ${SCRIPT_NAME} [-p]
	Fixes Network Link Conditioner firewall settings when Internet Sharing is \
	enabled in Mac OS X Lion.

	This script must be executed with root privileges every time a new profile \
	is selected within Network Link Conditioner. Alternatively, this script can \
	be launched in polling mode, in which Network Link Conditioner changes are \
	detected automatically.

	-p runs this script continually in polling mode, to automatically detect \
	changes in Network Link Conditioner.

	Compatible with Mac OS X Lion only.
	USAGE
	}

	execute() {
	local EXEC_PARAM=$( echo "${1}" \| tr [:upper:] [:lower:] )

	case "${EXEC_PARAM}" in
	'-p')
	prepareScript
	executePollingMode
	;;
	'-?'\|'--?'\|'/?'\|'-h'\|'--h'\|'/h'\|'-help'\|'--help'\|'/help'\|'help')
	showUsage
	exit 1
	;;
	'')
	prepareScript
	executeFix
	return ${?}
	;;
	*)
	echo "ERROR: Unknown parameter '${EXEC_PARAM}' specified"
	showUsage
	exit 1
	;;
	esac
	}

	execute "${@}"