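#!/bin/sh
#
# Sets up a small routed/NATed bridge topology on this host:
#   - enables IPv4 forwarding and masquerades traffic leaving via wlan0
#   - creates a dummy interface veth0 and enslaves it to bridge br0
#   - gives br0 the address 10.0.2.2/24 and adds two routes via 10.0.2.31
#   - creates two further bridges, br1 and br2
#
# Must run as root, or as a user allowed to use doas or sudo.
#
# Each step is run best-effort, as in the original script: a failing command
# does not stop the ones that follow.

# Select how privileged commands are run: doas, then sudo, then plain root.
if command -v doas > /dev/null 2>&1
then
    rooter=$(command -v doas)
elif command -v sudo > /dev/null 2>&1
then
    rooter=$(command -v sudo)
    # Run one harmless command through sudo first; stop if it is refused.
    sudo echo "Exec of the script" || exit 1
elif [ "$(id -u)" = "0" ]    # '=' is the POSIX test operator; '==' is a bashism under /bin/sh
then
    rooter=""
else
    echo "Error, no enough rights" >&2
    # Report the failure to the caller with a non-zero status.
    exit 1
fi

# Run a command through the selected privilege helper, or directly when the
# script already runs as root (rooter is empty).
as_root() {
    if [ -n "$rooter" ]
    then
        "$rooter" "$@"
    else
        "$@"
    fi
}

echo "change firewall rules"
# Step zero: enable IPv4 forwarding and replace the nftables ruleset with a
# single NAT table that masquerades traffic leaving through wlan0.
# The write to /proc changes the running kernel setting only.
echo "1" | as_root tee /proc/sys/net/ipv4/ip_forward

# NOTE(security): 'flush ruleset' removes every existing nftables table,
# including any filter rules that were protecting this host. After this script
# the only table is my_nat below, so with forwarding enabled nothing restricts
# which packets are forwarded. Run this on a lab machine, or follow it with a
# filter table whose forward chain only allows the bridge subnets.
as_root nft flush ruleset
echo "e"
as_root nft "table inet my_nat { chain postrouting { type nat hook postrouting priority srcnat; policy accept; oifname \"wlan0\" masquerade } }"

echo "create dummy interface veth0"
# Step one: create the dummy interface veth0, address it and bring it up.
as_root ip link add veth0 type dummy
as_root ip a add 10.0.2.2/24 dev veth0
as_root ip link set dev veth0 up

echo "link br0 with veth0"
# Step two: create bridge br0, enslave veth0 to it, then move the address
# from veth0 to the bridge and add the routes that go through 10.0.2.31.
as_root ip link add br0 type bridge
as_root ip link set dev veth0 master br0
as_root ip link set dev br0 up
as_root ip a del 10.0.2.2/24 dev veth0
as_root ip a add 10.0.2.2/24 dev br0
as_root ip route add 10.0.2.0/24 via 10.0.2.31 dev br0
as_root ip route add 10.10.0.0/16 via 10.0.2.31 dev br0

echo "create two other interfaces."
# Step three: create the two additional bridges and bring them up.
as_root ip link add br1 type bridge
as_root ip link set dev br1 up
as_root ip link add br2 type bridge
as_root ip link set dev br2 up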