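#! /bin/bash
#
# Author: Eicke Friedrich
#
# IPP2P and netfilter control script
#
# Usage: $0 {start|stop|restart}
#
#   start   - load ip_conntrack, set the conntrack limit and install the
#             mangle-table rules that mark P2P TCP traffic and map the mark
#             to the classes 1:11 (eth0) and 2:11 (eth1).
#   stop    - flush the mangle table and unload ipt_ipp2p.
#   restart - stop followed by start.
#
# Exit status: 0 when every command of the action succeeded, 1 otherwise
# (also 1 for an unknown or missing action).

set -u

# Maximum number of conntrack entries.
readonly CONNTRACK_MAX=65000

# Use an odd or better a prime number here
# Should be near CONNTRACK_MAX/2
readonly HASHSIZE=32503

# Packet/connection mark used for traffic matched by ipp2p.
readonly P2P_MARK=11

# Set to 1 by run() as soon as one command of the current action fails.
status=0

# Run a command and remember a failure instead of aborting, so the remaining
# steps still execute in the original order while the final result is
# reported truthfully.
run() {
  "$@" || status=1
}

# Write the conntrack limit; wrapped in a function so that a failed
# redirection (no permission, path missing on this kernel) is caught by run().
write_conntrack_max() {
  printf '%s\n' "$CONNTRACK_MAX" > /proc/sys/net/ipv4/ip_conntrack_max
}

# Terminate the progress line with the outcome of the action.
finish() {
  if (( status == 0 )); then
    echo "done"
  else
    echo "failed"
  fi
}

case "${1:-}" in
  start)
    printf '%s' "Starting IPP2P ... "

    run modprobe ip_conntrack "hashsize=${HASHSIZE}"
    run write_conntrack_max

    # NOTE: every rule below is appended (-A); calling "start" twice without
    # "stop" in between installs each rule twice.

    # Copy the mark stored on the connection back onto the packet.
    run iptables -t mangle -A PREROUTING -p tcp -j CONNMARK --restore-mark

    # Packets that now carry a non-zero mark leave this chain here, so the
    # payload match below only runs for connections not yet classified.
    # Rule order matters: anything appended to mangle/PREROUTING after this
    # rule never sees TCP packets that already carry a mark, whichever tool
    # set it.
    run iptables -t mangle -A PREROUTING -p tcp -m mark ! --mark 0 -j ACCEPT

    # Mark packets the ipp2p match identifies as P2P traffic.
    run iptables -t mangle -A PREROUTING -p tcp -m ipp2p --ipp2p --bit --apple \
      -j MARK --set-mark "$P2P_MARK"

    # Persist a freshly set mark on the connection for later packets.
    run iptables -t mangle -A PREROUTING -p tcp -m mark ! --mark 0 \
      -j CONNMARK --save-mark

    # Hand marked packets to the per-interface classes.
    # NOTE(review): assumes qdiscs providing 1:11 and 2:11 are configured
    # elsewhere - nothing in this script creates them.
    run iptables -t mangle -A POSTROUTING -o eth0 -m mark --mark "$P2P_MARK" \
      -j CLASSIFY --set-class 1:11
    run iptables -t mangle -A POSTROUTING -o eth1 -m mark --mark "$P2P_MARK" \
      -j CLASSIFY --set-class 2:11

    finish
    ;;
  stop)
    printf '%s' "Stopping IPP2P ... "

    # NOTE: -F without a chain name flushes every chain of the mangle table,
    # including rules that were not installed by this script.
    run iptables -t mangle -F
    run rmmod ipt_ipp2p

    finish
    ;;
  restart)
    printf '%s' "Restarting IPP2P ..."

    # A failing "stop" (for example the module was not loaded) prints its own
    # result and must not prevent the rules from being installed again, so
    # only the outcome of "start" decides the exit status.
    "$0" stop
    "$0" start || status=1

    finish
    ;;
  *)
    echo "Usage: $0 {start|stop|restart}" >&2
    exit 1
    ;;
esac

exit "$status"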