1*bb4ee6a4SAndroid Build Coastguard Worker#!/bin/bash 2*bb4ee6a4SAndroid Build Coastguard Worker# Copyright 2022 The ChromiumOS Authors 3*bb4ee6a4SAndroid Build Coastguard Worker# Use of this source code is governed by a BSD-style license that can be 4*bb4ee6a4SAndroid Build Coastguard Worker# found in the LICENSE file. 5*bb4ee6a4SAndroid Build Coastguard Worker 6*bb4ee6a4SAndroid Build Coastguard Worker# Set up networking on the host using a TAP device. This probably works on 7*bb4ee6a4SAndroid Build Coastguard Worker# many ubuntu or debian machines, but highly depends on the existing network 8*bb4ee6a4SAndroid Build Coastguard Worker# configuration. 9*bb4ee6a4SAndroid Build Coastguard Worker 10*bb4ee6a4SAndroid Build Coastguard Workersetup_network() { 11*bb4ee6a4SAndroid Build Coastguard Worker # ANCHOR: setup_tap 12*bb4ee6a4SAndroid Build Coastguard Worker sudo ip tuntap add mode tap user "$USER" vnet_hdr crosvm_tap 13*bb4ee6a4SAndroid Build Coastguard Worker sudo ip addr add 192.168.10.1/24 dev crosvm_tap 14*bb4ee6a4SAndroid Build Coastguard Worker sudo ip link set crosvm_tap up 15*bb4ee6a4SAndroid Build Coastguard Worker # ANCHOR_END: setup_tap 16*bb4ee6a4SAndroid Build Coastguard Worker 17*bb4ee6a4SAndroid Build Coastguard Worker # ANCHOR: setup_routing 18*bb4ee6a4SAndroid Build Coastguard Worker sudo sysctl net.ipv4.ip_forward=1 19*bb4ee6a4SAndroid Build Coastguard Worker # Network interface used to connect to the internet. 20*bb4ee6a4SAndroid Build Coastguard Worker HOST_DEV=$(ip route get 8.8.8.8 | awk -- '{printf $5}') 21*bb4ee6a4SAndroid Build Coastguard Worker sudo iptables -t nat -A POSTROUTING -o "${HOST_DEV}" -j MASQUERADE 22*bb4ee6a4SAndroid Build Coastguard Worker sudo iptables -A FORWARD -i "${HOST_DEV}" -o crosvm_tap -m state --state RELATED,ESTABLISHED -j ACCEPT 23*bb4ee6a4SAndroid Build Coastguard Worker sudo iptables -A FORWARD -i crosvm_tap -o "${HOST_DEV}" -j ACCEPT 24*bb4ee6a4SAndroid Build Coastguard Worker # ANCHOR_END: setup_routing 25*bb4ee6a4SAndroid Build Coastguard Worker} 26*bb4ee6a4SAndroid Build Coastguard Worker 27*bb4ee6a4SAndroid Build Coastguard Workerecho "This will set up a tap device 'crosvm_tap'." 28*bb4ee6a4SAndroid Build Coastguard Workerecho 29*bb4ee6a4SAndroid Build Coastguard Workerecho "It will run the following commands:" 30*bb4ee6a4SAndroid Build Coastguard Workerecho 31*bb4ee6a4SAndroid Build Coastguard Workertype setup_network | sed '1,3d;$d' 32*bb4ee6a4SAndroid Build Coastguard Workerecho 33*bb4ee6a4SAndroid Build Coastguard Workerread -p "Continue [y/N]? " -r 34*bb4ee6a4SAndroid Build Coastguard Workerif [[ ! $REPLY =~ ^[Yy]$ ]]; then 35*bb4ee6a4SAndroid Build Coastguard Worker exit 0 36*bb4ee6a4SAndroid Build Coastguard Workerfi 37*bb4ee6a4SAndroid Build Coastguard Worker 38*bb4ee6a4SAndroid Build Coastguard Workerset -ex 39*bb4ee6a4SAndroid Build Coastguard Workersetup_network 40