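#!/bin/sh
#
# Per-interface policy-routing hook.
#
# MODE=start: registers "$IF_RT $IFACE" in /etc/iproute2/rt_tables, installs a
# default route via $IF_RT_GW in table $IF_RT, adds fwmark and source-address
# ip rules, and installs CONNMARK rules in mangle/PREROUTING.
# MODE=stop: removes what start added. The shared "eth+ --restore-mark" rule
# is left in place, as in the original script.
#
# Environment read: MODE, IFACE, IF_ADDRESS, IF_RT, IF_RT_GW, IF_RT_FWMARK
# (whitespace-separated list), IF_RT_OA (whitespace-separated list),
# IF_RT_IMPORTGLOBAL (any non-empty value enables the import).
# NOTE(review): these look like the variables ifupdown exports from the
# interface stanza -- confirm against the caller.
#
# The script issues ip/iptables commands and rewrites a file under /etc, so
# every expansion is quoted unless splitting is wanted, values are compared
# literally rather than as regexes, and no generated text is fed to a shell.

RT_TABLES=/etc/iproute2/rt_tables

# Nothing to do unless both a table id and a gateway are configured.
[ -z "$IF_RT" ] && exit 0
[ -z "$IF_RT_GW" ] && exit 0

# Succeeds if rt_tables already holds the exact "<id> <name>" pair.
# Field comparison matches the tab-separated entry written below and cannot
# match a longer id or name that merely contains ours (eth1 vs eth10).
rt_tables_has_entry() {
  awk -v id="$IF_RT" -v name="$IFACE" \
    '$1 == id && $2 == name { found = 1 } END { exit !found }' "$RT_TABLES"
}

# Succeeds if table $IF_RT already has "default via $IF_RT_GW".
has_default_route() {
  ip route show table "$IF_RT" \
    | awk -v gw="$IF_RT_GW" \
      '$1 == "default" && $2 == "via" && tolower($3) == tolower(gw) { found = 1 }
       END { exit !found }'
}

# Succeeds if "ip rule show" contains the literal text in $1.
# NOTE(review): still a substring match, so "lookup eth1" also matches a rule
# for eth10, and a decimal fwmark will not match if ip prints it in hex.
rule_exists() {
  ip rule show | grep -qiF -- "$1"
}

# Runs the per-interface CONNMARK set-mark rule with the given iptables
# action. $1 = -C (check), -A (append) or -D (delete); $2 = fwmark.
connmark_set_rule() {
  iptables -t mangle "$1" PREROUTING -i "$IFACE" -d "$IF_ADDRESS" \
    -m state --state NEW -j CONNMARK --set-mark "$2"
}

# Runs the shared CONNMARK restore-mark rule with the given iptables action.
connmark_restore_rule() {
  iptables -t mangle "$1" PREROUTING -i eth+ -j CONNMARK --restore-mark
}

if [ "$MODE" = "start" ]; then
  # printf instead of "echo -e": under a POSIX /bin/sh such as dash, echo
  # would write a literal "-e" into rt_tables.
  rt_tables_has_entry || printf '%s\t%s\n' "$IF_RT" "$IFACE" >> "$RT_TABLES"

  has_default_route || ip route add default via "$IF_RT_GW" table "$IF_RT"

  # Unquoted on purpose: IF_RT_FWMARK is a whitespace-separated list.
  for fwmark in $IF_RT_FWMARK; do
    rule_exists "from all fwmark $fwmark lookup $IFACE" \
      || ip rule add from all fwmark "$fwmark" lookup "$IFACE"

    # "iptables -C" tests for the exact rule. The previous grep over
    # "iptables -L -n" could not match on the interface (that column is only
    # printed with -v), so the rule was appended again on every start.
    # stderr of -C is dropped: a missing rule is the expected case here.
    # The mark is the loop value, not the whole IF_RT_FWMARK list.
    connmark_set_rule -C "$fwmark" 2>/dev/null \
      || connmark_set_rule -A "$fwmark"

    connmark_restore_rule -C 2>/dev/null \
      || connmark_restore_rule -A
  done

  # Unquoted on purpose: both variables may hold several addresses.
  for addr in $IF_ADDRESS $IF_RT_OA; do
    rule_exists "from $addr lookup $IFACE" \
      || ip rule add from "$addr" table "$IF_RT"
  done

  if [ -n "$IF_RT_IMPORTGLOBAL" ]; then
    # Copy every main-table route into table $IF_RT, best effort. Each route
    # is passed to ip as arguments instead of building command text and
    # piping it to sh, so route text is never interpreted as shell code.
    ip route show | {
      set -f # split $route into words below, but never glob-expand it
      while read -r route; do
        # shellcheck disable=SC2086 -- word splitting of $route is intended
        ip route add $route table "$IF_RT" 2>&1 || true
      done
      set +f
    }
  fi
elif [ "$MODE" = "stop" ]; then
  for addr in $IF_ADDRESS $IF_RT_OA; do
    rule_exists "from $addr lookup $IFACE" \
      && ip rule del from "$addr" lookup "$IFACE"
  done

  for fwmark in $IF_RT_FWMARK; do
    # Delete the rule when it exists; the previous "||" only attempted the
    # delete when the rule was absent, so it was never removed.
    rule_exists "from all fwmark $fwmark lookup $IFACE" \
      && ip rule del from all fwmark "$fwmark" lookup "$IFACE"

    connmark_set_rule -C "$fwmark" 2>/dev/null \
      && connmark_set_rule -D "$fwmark"
  done

  has_default_route && ip route del default via "$IF_RT_GW" table "$IF_RT"

  # Drop our entry from rt_tables. The temp file sits next to the target so
  # mv is a rename within one directory, and the original is replaced only
  # if the filter succeeded; a failed read must not truncate rt_tables.
  if awk -v id="$IF_RT" -v name="$IFACE" \
    '!($1 == id && $2 == name)' "$RT_TABLES" > "$RT_TABLES.tmp"; then
    mv "$RT_TABLES.tmp" "$RT_TABLES"
  else
    rm -f "$RT_TABLES.tmp"
  fi
fi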