LXC on Gentoo

lxc.sh

#!/bin/mksh

set -xe

ipv4=10.0.3.1

down() {
	printf "Removendo bridge..."
	# Remove lxcbr0 first
	ip link del lxcbr0 type bridge
	printf "pronto.\n"

	printf "Desativando dnsmasq..."
	killall dnsmasq
	printf "pronto.\n"

	printf "Removendo regras do iptables..."
	iptables -F
	iptables -F -t nat
	printf "pronto.\n"
}

up() {
	echo 1 | doas tee /proc/sys/net/ipv4/ip_forward

	# Create bridge
	ip link add lxcbr0 type bridge
	ip link set lxcbr0 up
	ip addr add ${ipv4}/24 dev lxcbr0

	# iptables -A FORWARD -i lxcbr0 -s ${ipv4}/24 -m conntrack --ctstate NEW -j ACCEPT
	# iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
	iptables -A POSTROUTING -t nat -j MASQUERADE

	# dnsmasq --bind-interfaces --conf-file= --listen-address $ipv4 --except-interface lo --dhcp-range 10.0.3.2,10.0.3.254 --dhcp-lease-max=253 --dhcp-no-override
}

main() {
	if test 0 != `id -u`; then
		printf "Execute with admin permissions..."
		exit 1
	fi

	if test $# -lt 1; then
		exit 1
	fi

	case "$1" in
		down)
			down
			;;
		up)
			doas up
			;;
	esac
}

main "$@"