diff --git a/targets/PROJECTS/GENERIC-LTE-EPC/utils.bash b/targets/PROJECTS/GENERIC-LTE-EPC/utils.bash
index 1510605b7cf4d3e4b5d5352e06ac5e1227ae1614..d9d9eaa53191eab4dd5e10f02d3232db903d4edc 100755
--- a/targets/PROJECTS/GENERIC-LTE-EPC/utils.bash
+++ b/targets/PROJECTS/GENERIC-LTE-EPC/utils.bash
@@ -543,113 +543,119 @@ build_mme_spgw_vlan_network() {
 echo_fatal "BAD INTERFACE NAME FOR SGW S1U $SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP"' (waiting for ethx.y, wlanx.y or wifix.y)'
 fi;
- ping -c 1 router.eur > /dev/null || { echo_fatal "router.eur does not respond to ping" >&2 ; }
- IP_ROUTER=`python -c 'import socket; print socket.gethostbyname("router.eur")'`
- export MAC_ROUTER=`ip neigh show | grep $IP_ROUTER | cut -d ' ' -f5 | tr -d ':'`
- echo_success "ROUTER MAC ADDRESS= $MAC_ROUTER"
-
- if [ $ENABLE_USE_NETFILTER_FOR_SGI -eq 1 ]; then
-
- bash_exec "modprobe nf_conntrack"
- bash_exec "modprobe nf_conntrack_ftp"
-
- ######################################################
- # PREROUTING
- ######################################################
- # We restore the mark following the CONNMARK mark. In fact, it does a simple MARK=CONNMARK
- # where MARK is the standard mark (usable by tc)
- # In French: Cette option de cible restaure le paquet marqué dans la marque de connexion
- # comme défini par CONNMARK. Un masque peut aussi être défini par l'option --mask.
- # Si une option mask est placée, seules les options masquées seront placées.
- # Notez que cette option de cible n'est valide que dans la table mangle.
- bash_exec "$IPTABLES -t mangle -A PREROUTING -j CONNMARK --restore-mark"
-
- # TEST bash_exec "$IPTABLES -t mangle -A PREROUTING -m mark --mark 0 -i $PGW_INTERFACE_NAME_FOR_SGI -j MARK --set-mark 15"
- # We set the mark of the initial packet as value of the conntrack mark for all the packets of the connection.
- # This mark will be restore for the other packets by the first rule of POSTROUTING --restore-mark).
- bash_exec "$IPTABLES -t mangle -A PREROUTING -j CONNMARK --save-mark"
-
-
- ######################################################
- # POSTROUTING
- ######################################################
-
- # MARK=CONNMARK
- bash_exec "iptables -A POSTROUTING -t mangle -o tap0 -j CONNMARK --restore-mark"
- # If we’ve got a mark no need to get further[
- bash_exec "iptables -A POSTROUTING -t mangle -o tap0 -m mark ! --mark 0 -j ACCEPT"
-
- #bash_exec "iptables -A POSTROUTING -p tcp --dport 21 -t mangle -j MARK --set-mark 1"
- #bash_exec "iptables -A POSTROUTING -p tcp --dport 80 -t mangle -j MARK --set-mark 2"
-
- # We set the mark of the initial packet as value of the conntrack mark for all the packets
- # of the connection. This mark will be restore for the other packets by the first rule
- # of POSTROUTING (–restore-mark).
- bash_exec "iptables -A POSTROUTING -t mangle -j CONNMARK --save-mark"
-
- bash_exec "iptables -A PREROUTING -t mangle -j CONNMARK --restore-mark"
-
- # We restore the mark following the CONNMARK mark.
- # In fact, it does a simple MARK=CONNMARK where MARK is the standard mark (usable by tc)
- #bash_exec "$IPTABLES -A OUTPUT -t mangle -m mark ! --mark 0 -j CONNMARK --restore-mark"
-
- # If we’ve got a mark no need to get further[1]
- #TEST bash_exec "$IPTABLES -A OUTPUT -t mangle -p icmp -j MARK --set-mark 14"
- #bash_exec "$IPTABLES -A OUTPUT -t mangle -m mark ! --mark 0 -j ACCEPT"
-
-
- # We set the mark of the initial packet as value of the conntrack mark for all the packets of the connection.
- # This mark will be restore for the other packets by the first rule of OUTPUT (–restore-mark).
- #bash_exec "$IPTABLES -A OUTPUT -t mangle -j CONNMARK --save-mark"
-
- ######################################################
- # NETFILTER QUEUE
- ######################################################
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 5 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 6 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 7 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 8 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 9 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 10 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 11 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 12 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 13 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 14 -j NFQUEUE --queue-num 1"
- bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 15 -j NFQUEUE --queue-num 1"
+ #
+ is_real_interface $PGW_INTERFACE_NAME_FOR_SGI
+ if [ $? -eq 1 ]; then
+ ping -c 1 router.eur > /dev/null || { echo_fatal "router.eur does not respond to ping" >&2 ; }
+ IP_ROUTER=`python -c 'import socket; print socket.gethostbyname("router.eur")'`
+ export MAC_ROUTER=`ip neigh show | grep $IP_ROUTER | cut -d ' ' -f5 | tr -d ':'`
+ echo_success "ROUTER MAC ADDRESS= $MAC_ROUTER"
+
+ if [ $ENABLE_USE_NETFILTER_FOR_SGI -eq 1 ]; then
+
+ bash_exec "modprobe nf_conntrack"
+ bash_exec "modprobe nf_conntrack_ftp"
+
+ ######################################################
+ # PREROUTING
+ ######################################################
+ # We restore the mark following the CONNMARK mark. In fact, it does a simple MARK=CONNMARK
+ # where MARK is the standard mark (usable by tc)
+ # In French: Cette option de cible restaure le paquet marqué dans la marque de connexion
+ # comme défini par CONNMARK. Un masque peut aussi être défini par l'option --mask.
+ # Si une option mask est placée, seules les options masquées seront placées.
+ # Notez que cette option de cible n'est valide que dans la table mangle.
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -j CONNMARK --restore-mark"
+
+ # TEST bash_exec "$IPTABLES -t mangle -A PREROUTING -m mark --mark 0 -i $PGW_INTERFACE_NAME_FOR_SGI -j MARK --set-mark 15"
+ # We set the mark of the initial packet as value of the conntrack mark for all the packets of the connection.
+ # This mark will be restore for the other packets by the first rule of POSTROUTING --restore-mark).
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -j CONNMARK --save-mark"
+
+
+ ######################################################
+ # POSTROUTING
+ ######################################################
+
+ # MARK=CONNMARK
+ bash_exec "iptables -A POSTROUTING -t mangle -o tap0 -j CONNMARK --restore-mark"
+ # If we’ve got a mark no need to get further[
+ bash_exec "iptables -A POSTROUTING -t mangle -o tap0 -m mark ! --mark 0 -j ACCEPT"
+
+ #bash_exec "iptables -A POSTROUTING -p tcp --dport 21 -t mangle -j MARK --set-mark 1"
+ #bash_exec "iptables -A POSTROUTING -p tcp --dport 80 -t mangle -j MARK --set-mark 2"
+
+ # We set the mark of the initial packet as value of the conntrack mark for all the packets
+ # of the connection. This mark will be restore for the other packets by the first rule
+ # of POSTROUTING (–restore-mark).
+ bash_exec "iptables -A POSTROUTING -t mangle -j CONNMARK --save-mark"
+
+ bash_exec "iptables -A PREROUTING -t mangle -j CONNMARK --restore-mark"
+
+ # We restore the mark following the CONNMARK mark.
+ # In fact, it does a simple MARK=CONNMARK where MARK is the standard mark (usable by tc)
+ #bash_exec "$IPTABLES -A OUTPUT -t mangle -m mark ! --mark 0 -j CONNMARK --restore-mark"
+
+ # If we’ve got a mark no need to get further[1]
+ #TEST bash_exec "$IPTABLES -A OUTPUT -t mangle -p icmp -j MARK --set-mark 14"
+ #bash_exec "$IPTABLES -A OUTPUT -t mangle -m mark ! --mark 0 -j ACCEPT"
+
+
+ # We set the mark of the initial packet as value of the conntrack mark for all the packets of the connection.
+ # This mark will be restore for the other packets by the first rule of OUTPUT (–restore-mark).
+ #bash_exec "$IPTABLES -A OUTPUT -t mangle -j CONNMARK --save-mark"
+
+ ######################################################
+ # NETFILTER QUEUE
+ ######################################################
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 5 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 6 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 7 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 8 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 9 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 10 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 11 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 12 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 13 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 14 -j NFQUEUE --queue-num 1"
+ bash_exec "$IPTABLES -t mangle -A PREROUTING -i $PGW_INTERFACE_NAME_FOR_SGI -m connmark --mark 15 -j NFQUEUE --queue-num 1"
+
+ #echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables #To disable Iptables in the bridge.
+ #Raw table: Some years ago appeared a new tables in Iptables.
+ #This table can be used to avoid packets (connection really) to enter the NAT table:
+ # iptables -t raw -I PREROUTING -i BRIDGE -s x.x.x.x -j NOTRACK.
+ #bash_exec "$IPTABLES -t nat -A POSTROUTING -o $PGW_INTERFACE_NAME_FOR_SGI -j SNAT --to-source $PGW_IP_ADDR_FOR_SGI"
+ else
+ # # get ipv4 address from PGW_INTERFACE_NAME_FOR_SGI
+ #IP_ADDR=`ifconfig $PGW_INTERFACE_NAME_FOR_SGI | awk '/inet addr/ {split ($2,A,":"); print A[2]}' | tr '\n' ' ' | sed -n '1h;1!H;${;g;s/^[ \t]*//g;s/[ \t]*$//g;p;}'`
+
+ #NETWORK=`echo $IP_ADDR | cut -d . -f 1,2,3`
+
+ bash_exec "modprobe 8021q"
+
+ for i in 5 6 7 8 9 10 11 12 13 14 15
+ do
+ # create vlan interface
+ ifconfig $PGW_INTERFACE_NAME_FOR_SGI.$i down > /dev/null 2>&1
+ vconfig rem $PGW_INTERFACE_NAME_FOR_SGI.$i > /dev/null 2>&1
+ sync
+ bash_exec "vconfig add $PGW_INTERFACE_NAME_FOR_SGI $i"
+ sync
+ bash_exec "ifconfig $PGW_INTERFACE_NAME_FOR_SGI.$i up"
+ sync
+ # configure vlan interface
+ #CIDR=$NETWORK'.'$i'/24'
+ base=200
+ NET=$(( $i + $base ))
+ CIDR='10.0.'$NET'.2/8'
+ bash_exec "ip -4 addr add $CIDR dev $PGW_INTERFACE_NAME_FOR_SGI.$i"
+ done
+ fi
- #echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables #To disable Iptables in the bridge.
- #Raw table: Some years ago appeared a new tables in Iptables.
- #This table can be used to avoid packets (connection really) to enter the NAT table:
- # iptables -t raw -I PREROUTING -i BRIDGE -s x.x.x.x -j NOTRACK.
- #bash_exec "$IPTABLES -t nat -A POSTROUTING -o $PGW_INTERFACE_NAME_FOR_SGI -j SNAT --to-source $PGW_IP_ADDR_FOR_SGI"
+ bash_exec "ip link set $PGW_INTERFACE_NAME_FOR_SGI promisc on"
 else
- # # get ipv4 address from PGW_INTERFACE_NAME_FOR_SGI
- #IP_ADDR=`ifconfig $PGW_INTERFACE_NAME_FOR_SGI | awk '/inet addr/ {split ($2,A,":"); print A[2]}' | tr '\n' ' ' | sed -n '1h;1!H;${;g;s/^[ \t]*//g;s/[ \t]*$//g;p;}'`
-
- #NETWORK=`echo $IP_ADDR | cut -d . -f 1,2,3`
-
- bash_exec "modprobe 8021q"
-
- for i in 5 6 7 8 9 10 11 12 13 14 15
- do
- # create vlan interface
- ifconfig $PGW_INTERFACE_NAME_FOR_SGI.$i down > /dev/null 2>&1
- vconfig rem $PGW_INTERFACE_NAME_FOR_SGI.$i > /dev/null 2>&1
- sync
- bash_exec "vconfig add $PGW_INTERFACE_NAME_FOR_SGI $i"
- sync
- bash_exec "ifconfig $PGW_INTERFACE_NAME_FOR_SGI.$i up"
- sync
- # configure vlan interface
- #CIDR=$NETWORK'.'$i'/24'
- base=200
- NET=$(( $i + $base ))
- CIDR='10.0.'$NET'.2/8'
- bash_exec "ip -4 addr add $CIDR dev $PGW_INTERFACE_NAME_FOR_SGI.$i"
- done
+ echo_warning "SGI interface disabled by config file"
 fi
-
- bash_exec "ip link set $PGW_INTERFACE_NAME_FOR_SGI promisc on"
 }
 clean_epc_vlan_network() {
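Review bot: The new guard `is_real_interface $PGW_INTERFACE_NAME_FOR_SGI` followed by `if [ $? -eq 1 ]; then` sends every status other than exactly 1 to the "SGI interface disabled by config file" branch, so a failure inside the helper (or an empty, unquoted `$PGW_INTERFACE_NAME_FOR_SGI` that makes it run with no argument at all) is reported as a deliberate configuration choice; is_real_interface's contract is not visible in this hunk, so confirm that 1 is its only "real interface" result. I would quote the argument and keep the status, `is_real_interface "$PGW_INTERFACE_NAME_FOR_SGI"; rc=$?` then `if [ "$rc" -eq 1 ]; then`, and include `$rc` in the `echo_warning` on the else branch so a helper error stays distinguishable from an opt-out. The re-added router lookup also never validates its result: `grep $IP_ROUTER` is an unanchored regex whose dots match any character, and `MAC_ROUTER` is exported and announced via echo_success even when the neighbour table has no usable entry and field 5 is empty or not a MAC; a check such as `[ -n "$MAC_ROUTER" ] || echo_fatal "no neighbour entry for router.eur ($IP_ROUTER)"` right after the export would fail early instead of handing an empty value to later code. The body of build_mme_spgw_vlan_network begins before this hunk.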