#!/bin/bash

ssh -tt R1 << 'EOF'
set -e # Arrête le script si une commande échoue

ip netns del ns2 2>/dev/null || true
ip link del br0 2>/dev/null || true
ip link del br1 2>/dev/null || true
ip link del veth0 2>/dev/null || true
ip link del veth1 2>/dev/null || true
nft flush ruleset 2>/dev/null || true

ip netns add ns2

ip link add veth0 type veth peer name veth0-ns
ip link add veth1 type veth peer name veth1-ns


ip link set veth0-ns netns ns2
ip link set veth1-ns netns ns2


ip link add br0 type bridge
ip link add br1 type bridge

ip link set eth0 up
ip link set eth1 up
ip link set br0 up
ip link set br1 up

ip link set eth0 master br0
ip link set eth1 master br1

ip link set veth0 up
ip link set veth0 master br0
ip link set veth1 up
ip link set veth1 master br1


ip netns exec ns2 ip link set veth0-ns name eth0 
ip netns exec ns2 ip link set veth1-ns name eth1 
ip netns exec ns2 ip link set eth0 up 
ip netns exec ns2 ip link set eth1 up

# IP sur br1
ip addr add 10.0.0.254/24 dev br1
# IP sur br0
ip addr add 172.21.1.100/24 dev br0

sysctl -w net.ipv4.ip_forward=1

ip route del default via 172.21.1.1 dev br0 2>/dev/null || true
# passerelle Internet
ip route add default via 172.21.1.1 dev br0

bash -c 'cat > /root/nat-r1.nft <<EONAT
flush ruleset
table ip nat {
    chain postrouting {
        type nat hook postrouting priority 100;
        oifname "br0" counter masquerade
    }
}
EONAT
nft -f /root/nat-r1.nft
'
EOF

ssh -tt H1 << 'EOF'
set -e
ip addr flush dev eth0
ip addr add 10.0.0.1/24 dev eth0
ip link set eth0 up
ip route del default 2>/dev/null || true
ip route add default via 10.0.0.254
ping -c 3 8.8.8.8
EOF