Mesh bridge forwarding

src/freedombone-mesh-batman

     iptables -D INPUT -p tcp --dport 8942 -j ACCEPT
     iptables -D INPUT -p udp --dport 8942 -j ACCEPT
 
+    iptables -t nat -D POSTROUTING -o $EIFACE -j MASQUERADE
+    iptables -D FORWARD -i $EIFACE -o $IFACE -j ACCEPT -m state –state RELATED,ESTABLISHED
+    iptables -D FORWARD -i $IFACE -o $EIFACE -j ACCEPT
+
+    if [ $IFACE_SECONDARY ]; then
+        iptables -D FORWARD -i $IFACE -o $IFACE_SECONDARY -j ACCEPT -m state –state RELATED,ESTABLISHED
+        iptables -D FORWARD -i $IFACE_SECONDARY -o $IFACE -j ACCEPT
+    fi
+
+    echo 0 > /proc/sys/net/ipv4/ip_forward
+    sed -i 's|net.ipv4.ip_forward=.*|net.ipv4.ip_forward=0|g' /etc/sysctl.conf
+
     systemctl restart network-manager
 }
 
         dhclient $BRIDGE
     fi
 
+    hotspot_enabled=
     if [ $IFACE_SECONDARY ]; then
         if [[ $IFACE != $IFACE_SECONDARY ]]; then
             if [ -d /etc/hostapd ]; then
                 ifconfig $IFACE_SECONDARY up promisc
                 #ifconfig $IFACE_SECONDARY auto-dhcp start
                 systemctl start hostapd
+                hotspot_enabled=1
             fi
         fi
     fi
     iptables -A INPUT -p tcp --dport 8942 -j ACCEPT
     iptables -A INPUT -p udp --dport 8942 -j ACCEPT
 
+    iptables -t nat -A POSTROUTING -o $EIFACE -j MASQUERADE
+    iptables -A FORWARD -i $EIFACE -o $IFACE -j ACCEPT -m state –state RELATED,ESTABLISHED
+    iptables -A FORWARD -i $IFACE -o $EIFACE -j ACCEPT
+
+    if [ $hotspot_enabled ]; then
+        iptables -A FORWARD -i $IFACE -o $IFACE_SECONDARY -j ACCEPT -m state –state RELATED,ESTABLISHED
+        iptables -A FORWARD -i $IFACE_SECONDARY -o $IFACE -j ACCEPT
+    fi
+
+    echo 1 > /proc/sys/net/ipv4/ip_forward
+    sed -i 's|# net.ipv4.ip_forward|net.ipv4.ip_forward|g' /etc/sysctl.conf
+    sed -i 's|#net.ipv4.ip_forward|net.ipv4.ip_forward|g' /etc/sysctl.conf
+    sed -i 's|net.ipv4.ip_forward.*|net.ipv4.ip_forward=1|g' /etc/sysctl.conf
+
     systemctl restart avahi-daemon
 
     verify