#!/bin/sh

ifname="$2"
fwd_path="/proc/sys/net/ipv4/conf/$ifname/forwarding"

fwd_change() {
	echo "$1" >"$fwd_path"
	if [ "$1" = "1" ];then
		action="ACCEPT"
		iptables -w -t filter -D forward_default -i "$ifname" -j DROP
	else
		action="DROP"
		iptables -w -t filter -D forward_default -i "$ifname" -j ACCEPT
	fi

	if [ "$2" = "1" ] && ! iptables -w -C forward_default -t filter -i "$ifname" -j "$action";then
		iptables -w -t filter -I forward_default 1 -i "$ifname" -j "$action"
	fi
}


case "$1" in
off) iptables -w -n -L postrouting_rule_multinat -t nat |grep MASQUERADE 2>/dev/null 1>&2 || fwd_change 0 1;;
offipt)
	echo "0" >"$fwd_path"
	iptables -w -t filter -D forward_default -i "$ifname" -j DROP
	iptables -w -t filter -D forward_default -i "$ifname" -j ACCEPT
	;;
on) fwd_change 1 1;;
chkon) iptables -w -n -L postrouting_rule_multinat -t nat |grep MASQUERADE 2>/dev/null 1>&2 && fwd_change 1 1;;
esac

