#!/bin/sh
##
## Name:     passthru
## Purpose:  Share a network connection using NAT.
## Author:   M. J. Fromberger <http://www.dartmouth.edu/~sting/>
## Info:     $Id: passthru 63 2006-04-22 16:49:10Z sting $
##
## Usage: 
## To start up the network, set up the outside connexion then run
##    sudo passthru start
## To stop, run
##    sudo passthru stop
## ... then take down the outside connexion interface.
##

# Which interface the "inside" network is on (shared)
INSIDE=en0

# Which interface the "outside" network is on (Internet)
OUTSIDE=en1

# What IP address to use for this machine on the inside network.
# Other hosts on the network should set this to be their gateway address.
INSIDE_IP=192.168.0.1

# What rule number to use for the firewall redirect rule (ipfw)
RULENUM=100

if [ `id -u` -ne 0 ] ; then
    echo "You must be root to run this script."
    exit 1
fi

# bootpd -B -D -v 
case "$1" in
    'start')
	echo "-- Bringing up interface ${INSIDE} as ${INSIDE_IP}"
	ifconfig ${INSIDE} inet ${INSIDE_IP} up

	echo "-- Enabling IP forwarding in the kernel"
	sysctl -w net.inet.ip.forwarding=1

	echo "-- Starting up NAT for interface ${OUTSIDE}"
	natd -interface ${OUTSIDE}

	echo "-- Diverting ${INSIDE} traffic to ${OUTSIDE}"
	ipfw add ${RULENUM} divert natd ip from any to any via ${OUTSIDE}

	echo "<done>"
	;;

    'stop')
	echo "-- Undiverting traffic from ${INSIDE} to ${OUTSIDE}"
	ipfw delete ${RULENUM}

	# Try to find PID of natd process, and kill it
	pid=`ps -ax|grep -i natd|grep -v grep|awk '{print $1}'`
	if [ "$pid" != "" ] ; then
	    echo "-- Shutting down NAT for interface ${OUTSIDE}"
	    kill $pid
	else
	    echo "** Can't find NAT process to shut it down!"
	fi

	echo "Disabling IP forwarding in the kernel"
	sysctl -w net.inet.ip.forwarding=0
	
	echo "-- Bringing down interface ${INSIDE}"
	ifconfig ${INSIDE} down
	
	echo "<done>"
	;;

    *)
	echo "Usage is: $0 <start|stop>"
	exit 1
	;;
esac