skath · October 22, 2014 21:28
diff --git a/vyatta-wlb-symmetry.script b/vyatta-wlb-symmetry.script
 #!/bin/bash
 # WAN Load-Balancing Symmetry workaround
 # steven.kath@vyatta.com 2012-09-22
 # See https://bugzilla.vyatta.com/show_bug.cgi?id=6245 for background.

 if [[ $UID != 0 ]]; then
  echo -e "This script must be run with root permissions. Try:\n  sudo $0"
  exit
 fi

 # Get list of configured WAN-LB interfaces
 cli-shell-api inSession && ACTION=listNodes || ACTION=listEffectiveNodes
 WAN_INTERFACES=$(cli-shell-api $ACTION load-balancing wan interface-health)

 # Clean out our rules from previous runs, if any.
 for CHAIN in PREROUTING OUTPUT; do
  RULES=$(iptables -t mangle -nL $CHAIN --line-numbers)
  RULES=$(grep WLB_SYMMETRY <<< "$RULES" | cut -d' ' -f 1)
  for RULE in $(sort -r <<< "$RULES"); do
    echo "Deleting old rule $RULE from chain $CHAIN..."
    iptables -t mangle -D $CHAIN $RULE
  done
 done

 if [[ -z "$WAN_INTERFACES" ]]; then
  echo "No configured WAN Load-Balancing interfaces found."
  exit
 fi

 until iptables -t mangle -nL WANLOADBALANCE_PRE &>/dev/null; do
  echo "Waiting for WLB to insert its hook..."; sleep 0.1
 done

 INDEX=1 # Starting index for route tables and marks
 TAG="-m comment --comment WLB_SYMMETRY "

 for INTERFACE in $WAN_INTERFACES; do
  INTERFACE=${INTERFACE//\'} # strip quotes
  MARK=$[INDEX++]
  PARAMS="-t mangle -I PREROUTING -i $INTERFACE "
  PARAMS+="-j CONNMARK --set-xmark $MARK "
  PARAMS+="$TAG "
  echo "Inserting PREROUTING rule, connmark $MARK for packets in $INTERFACE"
  iptables $PARAMS
 done

 echo "Inserting rule in OUTPUT chain to mark locally-generated packets"
 iptables -t mangle -I OUTPUT -j CONNMARK --restore-mark $TAG

 INITSCRIPTS=(
  "/etc/init.d/vyatta-wanloadbalance"
  "/opt/vyatta/sbin/vyatta-wanloadbalance.init"
 )
 for SCRIPT in ${INITSCRIPTS[@]}; do
  if [[ -e $SCRIPT ]] && ! grep -q WLB_SYMMETRY $SCRIPT; then
    echo "Hook not found in $SCRIPT, adding one ..."
    echo -e "\n$0 | logger -p notice -t $0 # WLB_SYMMETRY" >> $SCRIPT
  fi
 done

 # End
	#!/bin/bash
	# WAN Load-Balancing Symmetry workaround
	# steven.kath@vyatta.com 2012-09-22
	# See https://bugzilla.vyatta.com/show_bug.cgi?id=6245 for background.

	if [[ $UID != 0 ]]; then
	echo -e "This script must be run with root permissions. Try:\n sudo $0"
	exit
	fi

	# Get list of configured WAN-LB interfaces
	cli-shell-api inSession && ACTION=listNodes \|\| ACTION=listEffectiveNodes
	WAN_INTERFACES=$(cli-shell-api $ACTION load-balancing wan interface-health)

	# Clean out our rules from previous runs, if any.
	for CHAIN in PREROUTING OUTPUT; do
	RULES=$(iptables -t mangle -nL $CHAIN --line-numbers)
	RULES=$(grep WLB_SYMMETRY <<< "$RULES" \| cut -d' ' -f 1)
	for RULE in $(sort -r <<< "$RULES"); do
	echo "Deleting old rule $RULE from chain $CHAIN..."
	iptables -t mangle -D $CHAIN $RULE
	done
	done

	if [[ -z "$WAN_INTERFACES" ]]; then
	echo "No configured WAN Load-Balancing interfaces found."
	exit
	fi

	until iptables -t mangle -nL WANLOADBALANCE_PRE &>/dev/null; do
	echo "Waiting for WLB to insert its hook..."; sleep 0.1
	done

	INDEX=1 # Starting index for route tables and marks
	TAG="-m comment --comment WLB_SYMMETRY "

	for INTERFACE in $WAN_INTERFACES; do
	INTERFACE=${INTERFACE//\'} # strip quotes
	MARK=$[INDEX++]
	PARAMS="-t mangle -I PREROUTING -i $INTERFACE "
	PARAMS+="-j CONNMARK --set-xmark $MARK "
	PARAMS+="$TAG "
	echo "Inserting PREROUTING rule, connmark $MARK for packets in $INTERFACE"
	iptables $PARAMS
	done

	echo "Inserting rule in OUTPUT chain to mark locally-generated packets"
	iptables -t mangle -I OUTPUT -j CONNMARK --restore-mark $TAG

	INITSCRIPTS=(
	"/etc/init.d/vyatta-wanloadbalance"
	"/opt/vyatta/sbin/vyatta-wanloadbalance.init"
	)
	for SCRIPT in ${INITSCRIPTS[@]}; do
	if [[ -e $SCRIPT ]] && ! grep -q WLB_SYMMETRY $SCRIPT; then
	echo "Hook not found in $SCRIPT, adding one ..."
	echo -e "\n$0 \| logger -p notice -t $0 # WLB_SYMMETRY" >> $SCRIPT
	fi
	done

	# End
No results found