summaryrefslogtreecommitdiff
path: root/script/service/tfe-env-debug.sh
diff options
context:
space:
mode:
Diffstat (limited to 'script/service/tfe-env-debug.sh')
-rw-r--r--script/service/tfe-env-debug.sh181
1 files changed, 181 insertions, 0 deletions
diff --git a/script/service/tfe-env-debug.sh b/script/service/tfe-env-debug.sh
new file mode 100644
index 0000000..2750aee
--- /dev/null
+++ b/script/service/tfe-env-debug.sh
@@ -0,0 +1,181 @@
+#!/bin/bash
+
+eth=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_DEVICE_DATA_INCOMING | awk -F '=' '{print $2}')
+
+local_addr_v4=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_LOCAL_IP_DATA_INCOMING | awk -F '=' '{print $2}')
+peer_addr_v4=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_PEER_IP_DATA_INCOMING | awk -F '=' '{print $2}')
+
+local_mac=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_LOCAL_MAC_DATA_INCOMING | awk -F '=' '{print $2}')
+peer_mac=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_PEER_MAC_DATA_INCOMING | awk -F '=' '{print $2}')
+
+local_addr_v6=fd00::02
+peer_addr_v6=fd00::01
+
+###########################################################
+# Start
+###########################################################
+
+function setup() {
+ # 配置网卡 MAC 并将网卡状态设置为 UP
+ ip link set ${eth} address ${local_mac}
+ ip link set ${eth} up
+
+ # 配置 Address 和 Netmask
+ ip addr flush dev ${eth}
+
+ ip addr add ${local_addr_v4}/30 dev ${eth}
+ ip addr add ${local_addr_v6}/64 dev ${eth}
+
+ # 回流的 IPv4/IPv6 流量分别走 table 100/102
+ ip -4 rule add iif ${eth} tab 100
+ ip -6 rule add iif ${eth} tab 102
+
+ ip -4 route add local default dev lo table 100
+ ip -6 route add local default dev lo table 102
+
+ # 回注的 IPv4 流量走 table 101
+ # 回注的 IPv6 流量走默认路由
+ ip rule add fwmark 0x65 lookup 101
+ ip -4 route add default dev ${eth} via ${peer_addr_v4} table 101
+ ip -6 route add default dev ${eth} via ${peer_addr_v6}
+
+ # 配置 ARP
+ ip neigh flush dev ${eth}
+
+ ip -4 neigh add ${peer_addr_v4} lladdr ${peer_mac} dev ${eth} nud permanent
+ ip -6 neigh add ${peer_addr_v6} lladdr ${peer_mac} dev ${eth} nud permanent
+
+ # 配置 iptables
+ iptables -A INPUT -i ${eth} -m bpf --bytecode '18,48 0 0 0,84 0 0 240,21 0 14 64,48 0 0 9,21 0 12 6,40 0 0 6,69 10 0 8191,177 0 0 0,80 0 0 12,84 0 0 240,116 0 0 2,53 0 5 24,80 0 0 20,21 0 3 88,80 0 0 21,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
+ ip6tables -A INPUT -i ${eth} -m bpf --bytecode '17,48 0 0 0,84 0 0 240,21 0 13 96,48 0 0 6,21 0 11 6,40 0 0 4,37 0 9 24,48 0 0 52,84 0 0 240,116 0 0 2,53 0 5 24,48 0 0 60,21 0 3 88,48 0 0 61,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
+}
+
+###########################################################
+# Stop
+###########################################################
+
+function setdown() {
+ # 删除 iptables
+ iptables -D INPUT -i ${eth} -m bpf --bytecode '18,48 0 0 0,84 0 0 240,21 0 14 64,48 0 0 9,21 0 12 6,40 0 0 6,69 10 0 8191,177 0 0 0,80 0 0 12,84 0 0 240,116 0 0 2,53 0 5 24,80 0 0 20,21 0 3 88,80 0 0 21,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
+ ip6tables -D INPUT -i ${eth} -m bpf --bytecode '17,48 0 0 0,84 0 0 240,21 0 13 96,48 0 0 6,21 0 11 6,40 0 0 4,37 0 9 24,48 0 0 52,84 0 0 240,116 0 0 2,53 0 5 24,48 0 0 60,21 0 3 88,48 0 0 61,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
+
+ # 删除 ARP
+ ip -4 neigh del ${peer_addr_v4} lladdr ${peer_mac} dev ${eth} nud permanent # TODO NEW ADD
+ ip -6 neigh del ${peer_addr_v6} lladdr ${peer_mac} dev ${eth} nud permanent # TODO NEW ADD
+
+ # 删除回注的路由
+ ip rule del fwmark 0x65 lookup 101
+
+ ip -4 route del default dev ${eth} via ${peer_addr_v4} table 101
+ ip -6 route del default dev ${eth} via ${peer_addr_v6}
+
+ # 删除回流的路由
+ ip -4 rule del iif ${eth} tab 100
+ ip -6 rule del iif ${eth} tab 102
+
+ ip -4 route del local default dev lo table 100
+ ip -6 route del local default dev lo table 102
+
+ # 删除 IP Address 和 NetMask
+ ip addr del ${local_addr_v4}/30 dev ${eth} # TODO NEW ADD
+ ip addr del ${local_addr_v6}/64 dev ${eth}
+
+ # 将网卡状态设置为 DOWN
+ ip link set ${eth} down
+}
+
+###########################################################
+# Debug
+###########################################################
+
+function debug() {
+ printf "\e[32m --------------------------------------------- \e[0m\n"
+ printf "\e[32m Local Addr V4 : %s \e[0m\n" ${local_addr_v4}
+ printf "\e[32m Peer Addr V4 : %s \e[0m\n" ${peer_addr_v4}
+ printf "\e[32m Local Addr V6 : %s \e[0m\n" ${local_addr_v6}
+ printf "\e[32m Peer Addr V6 : %s \e[0m\n" ${peer_addr_v6}
+ printf "\e[32m Local MAC : %s \e[0m\n" ${local_mac}
+ printf "\e[32m Peer MAC : %s \e[0m\n" ${peer_mac}
+ printf "\e[32m --------------------------------------------- \e[0m\n"
+
+ printf "\n\n\e[32m Run: ifconfig %s \e[0m\n" ${eth}
+ ifconfig ${eth}
+
+ printf "\n\n\e[32m Run: ethtool %s \e[0m\n" ${eth}
+ ethtool ${eth}
+
+ # 检查 ip rule
+ printf "\n\n\e[32m Run: ip -4 rule list table 100 \e[0m\n"
+ ip -4 rule list table 100
+
+ printf "\n\n\e[32m Run: ip -4 rule list table 101 \e[0m\n"
+ ip -4 rule list table 101
+
+ printf "\n\n\e[32m Run: ip -6 rule list table 102 \e[0m\n"
+ ip -6 rule list table 102
+
+ # 检查 ip route
+ printf "\n\n\e[32m Run: ip -4 route show table 100 \e[0m\n"
+ ip -4 route show table 100
+
+ printf "\n\n\e[32m Run: ip -4 route show table 101 \e[0m\n"
+ ip -4 route show table 101
+
+ printf "\n\n\e[32m Run: ip -6 route show table 102 \e[0m\n"
+ ip -6 route show table 102
+
+ printf "\n\n\e[32m Run: ip -6 route show default \e[0m\n"
+ ip -6 route show default
+
+ # 检查 ip neigh
+ printf "\n\n\e[32m Run: ip -4 neigh list dev %s \e[0m\n" ${eth}
+ ip -4 neigh list dev ${eth}
+
+ printf "\n\n\e[32m Run: ip -6 neigh list dev %s \e[0m\n" ${eth}
+ ip -6 neigh list dev ${eth}
+
+ # 检查 iptables
+ printf "\n\n\e[32m Run: iptables -t mangle -L \e[0m\n"
+ iptables -t mangle -L
+
+ printf "\n\n\e[32m Run: iptables -t filter -L \e[0m\n"
+ iptables -t filter -L
+
+ printf "\n\n\e[32m Run: iptables -t raw -L \e[0m\n"
+ iptables -t raw -L
+
+ printf "\n\n\e[32m Run: iptables -t nat -L \e[0m\n"
+ iptables -t nat -L
+
+ printf "\n\n\e[32m Run: ip6tables -t mangle -L \e[0m\n"
+ ip6tables -t mangle -L
+
+ printf "\n\n\e[32m Run: ip6tables -t filter -L \e[0m\n"
+ ip6tables -t filter -L
+
+ printf "\n\n\e[32m Run: ip6tables -t raw -L \e[0m\n"
+ ip6tables -t raw -L
+
+ printf "\n\n\e[32m Run: ip6tables -t nat -L \e[0m\n"
+ ip6tables -t nat -L
+}
+
+function usage() {
+ echo "Usage: $(basename $0) [setup|setdown|debug]"
+}
+
+option_setup="setup"
+option_setdown="setdown"
+option_debug="debug"
+
+option=$1
+
+if [ "$option" = "$option_setup" ]; then
+ setup
+elif [ "$option" = "$option_setdown" ]; then
+ setdown
+elif [ "$option" = "$option_debug" ]; then
+ debug
+else
+ usage
+fi \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 15:42:00 +0000