inceabdullah/helpers.sh

## helpers.sh
#!/bin/bash

WAIT_FOR_RD=1

color_echo() {
  local color='\033[1;33m'
  local message=$@
  local BOLD='\033[31m'
  local RESET='\033[0m'

  echo -e "${BOLD}${color}[debug] ${message}${RESET}"
}

color_echo_await() {
  color_echo $@
  sleep $WAIT_FOR_RD
}

## nft_host.sh
inet_iface_name=$1

nft add table ip nat
nft add chain ip nat prerouting_ssh { type nat hook prerouting priority 0 \; policy accept \; }
nft add chain ip nat postrouting_ssh { type nat hook postrouting priority 100 \; policy accept \; }
nft add rule ip nat postrouting_ssh oifname "${inet_iface_name}" masquerade

## nft_revert_host.sh
nft delete chain ip nat prerouting_ssh
nft delete chain ip nat postrouting_ssh

## setup.sh
#!/bin/bash

set -e

source helpers.sh

TUN_NS_NAME=vpn
VETH="veth"
VPEER="vpeer"
VETH_ADDR="10.0.0.1"
VPEER_ADDR="10.0.0.2"


# Removing old veth
color_echo_await "Removing old veth..."

ip l d ${VETH} 2>/dev/null || true


# Get the name of the network interface with an assigned IPv4 address, excluding the loopback interface
inet_iface_name=$(ip -4 addr show | grep -v 'inet 127.' | grep -oP '(?<=\d: )\w+' | grep -v 'lo' | head -n 1)


color_echo_await "Interface name: $inet_iface_name"

# Create namespace
color_echo_await "Creating new ns..."


ip netns d $TUN_NS_NAME 2>/dev/null || true
ip netns a $TUN_NS_NAME

color_echo_await "Created.\nns list:"
ip netns

# Create veth link.
color_echo_await "Creating veth peers..."


ip l d ${VETH} 2>/dev/null || true
ip l a ${VETH} type veth peer name ${VPEER}


# Add peer-1 to NS.
color_echo_await "Adding peer to ns..."


ip l s ${VPEER} netns $TUN_NS_NAME


# Assigning IP address of ${VETH}.
color_echo_await "Setting up veth and up..."


ip a a ${VETH_ADDR}/24 dev ${VETH}
ip l s ${VETH} up


#  Set interfaces up.
color_echo_await "Setting ns ifaces up..."


ip netns e $TUN_NS_NAME ip l s ${VPEER} up
ip netns e $TUN_NS_NAME ip l s lo up


# Addr
color_echo_await "Assigning IP address of ns iface..."


ip netns e $TUN_NS_NAME ip a a ${VPEER_ADDR}/24 dev ${VPEER}


# Route
## in VPN
color_echo_await "Setting routing in ns..."


ip netns e $TUN_NS_NAME ip r a default via ${VETH_ADDR}

# NFT NAT Rules
color_echo_await "Setting NAT rules..."


bash nft_revert_host.sh 2>/dev/null || true
bash nft_host.sh $inet_iface_name

# Checking internet in ns
color_echo_await "Checking internet in ns..."


ip netns e $TUN_NS_NAME ping -c1 -W2 x.co

if [ $? -ne 0 ]; then
  echo -e "\e[1;31mPing failed\e[0m" # Bold red
  exit 1
  # Handle the error here
else
  echo -e "\e[1;32mPing succeeded\e[0m" # Bold green
  # Continue with the script
fi
	#!/bin/bash

	WAIT_FOR_RD=1

	color_echo() {
	local color='\033[1;33m'
	local message=$@
	local BOLD='\033[31m'
	local RESET='\033[0m'

	echo -e "${BOLD}${color}[debug] ${message}${RESET}"
	}

	color_echo_await() {
	color_echo $@
	sleep $WAIT_FOR_RD
	}
	inet_iface_name=$1

	nft add table ip nat
	nft add chain ip nat prerouting_ssh { type nat hook prerouting priority 0 \; policy accept \; }
	nft add chain ip nat postrouting_ssh { type nat hook postrouting priority 100 \; policy accept \; }
	nft add rule ip nat postrouting_ssh oifname "${inet_iface_name}" masquerade
	nft delete chain ip nat prerouting_ssh
	nft delete chain ip nat postrouting_ssh
	#!/bin/bash

	set -e

	source helpers.sh

	TUN_NS_NAME=vpn
	VETH="veth"
	VPEER="vpeer"
	VETH_ADDR="10.0.0.1"
	VPEER_ADDR="10.0.0.2"


	# Removing old veth
	color_echo_await "Removing old veth..."

	ip l d ${VETH} 2>/dev/null \|\| true


	# Get the name of the network interface with an assigned IPv4 address, excluding the loopback interface
	inet_iface_name=$(ip -4 addr show \| grep -v 'inet 127.' \| grep -oP '(?<=\d: )\w+' \| grep -v 'lo' \| head -n 1)


	color_echo_await "Interface name: $inet_iface_name"

	# Create namespace
	color_echo_await "Creating new ns..."


	ip netns d $TUN_NS_NAME 2>/dev/null \|\| true
	ip netns a $TUN_NS_NAME

	color_echo_await "Created.\nns list:"
	ip netns

	# Create veth link.
	color_echo_await "Creating veth peers..."


	ip l d ${VETH} 2>/dev/null \|\| true
	ip l a ${VETH} type veth peer name ${VPEER}



	# Add peer-1 to NS.
	color_echo_await "Adding peer to ns..."


	ip l s ${VPEER} netns $TUN_NS_NAME


	# Assigning IP address of ${VETH}.
	color_echo_await "Setting up veth and up..."


	ip a a ${VETH_ADDR}/24 dev ${VETH}
	ip l s ${VETH} up


	# Set interfaces up.
	color_echo_await "Setting ns ifaces up..."


	ip netns e $TUN_NS_NAME ip l s ${VPEER} up
	ip netns e $TUN_NS_NAME ip l s lo up


	# Addr
	color_echo_await "Assigning IP address of ns iface..."


	ip netns e $TUN_NS_NAME ip a a ${VPEER_ADDR}/24 dev ${VPEER}


	# Route
	## in VPN
	color_echo_await "Setting routing in ns..."


	ip netns e $TUN_NS_NAME ip r a default via ${VETH_ADDR}

	# NFT NAT Rules
	color_echo_await "Setting NAT rules..."


	bash nft_revert_host.sh 2>/dev/null \|\| true
	bash nft_host.sh $inet_iface_name

	# Checking internet in ns
	color_echo_await "Checking internet in ns..."


	ip netns e $TUN_NS_NAME ping -c1 -W2 x.co

	if [ $? -ne 0 ]; then
	echo -e "\e[1;31mPing failed\e[0m" # Bold red
	exit 1
	# Handle the error here
	else
	echo -e "\e[1;32mPing succeeded\e[0m" # Bold green
	# Continue with the script
	fi