#!/bin/bash
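# Best-effort provisioning of an IPv6-enabled docker0 bridge. errexit stays
# off on purpose: steps such as creating the bridge or adding its address are
# expected to fail when they were already applied, and must not stop the rest.
set +e
# Pin PATH to the system directories so the tools below are not resolved
# through whatever PATH the caller exported.
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

bridge=docker0
bridge_addr=fd00:d0ce:7abc:abcd::1/64
subnet=fd00:d0ce:7abc:abcd::/64

brctl addbr "$bridge"
ip link set "$bridge" up
#ip addr del 172.17.0.1/16 dev docker0
ip addr add "$bridge_addr" dev "$bridge"

#######################################
# Append an ip6tables rule unless an identical one is already present.
# The rule is passed as separate arguments, so nothing is re-parsed by the
# shell (no eval) and IFS is left at its default for the rest of the script.
# Arguments: $1 - table, $2 - chain, remaining - rule specification
# Outputs:   ip6tables' own diagnostics on stderr (including the "no such
#            rule" message from the -C probe on first run)
# Returns:   status of the -C probe, or of -A when the rule had to be added
#######################################
ensure_rule() {
  local table=$1 chain=$2
  shift 2
  ip6tables -t "$table" -C "$chain" "$@" \
    || ip6tables -t "$table" -A "$chain" "$@"
}

# Traffic that stays inside the bridge subnet bypasses connection tracking.
# NOTE(review): untracked packets never match ESTABLISHED/RELATED state rules,
# so any stateful filtering added later will not apply to intra-subnet flows.
ensure_rule raw PREROUTING -s "$subnet" -d "$subnet" -j NOTRACK
ensure_rule raw OUTPUT -s "$subnet" -d "$subnet" -j NOTRACK
# Source-NAT everything from the bridge subnet that leaves through any
# interface other than the bridge itself.
ensure_rule nat POSTROUTING -s "$subnet" ! -o "$bridge" -j MASQUERADE

# Default policy of the filter FORWARD chain becomes ACCEPT.
# NOTE(review): together with all.forwarding=1 below, the host routes any
# IPv6 packet that no explicit rule drops, on every interface and not only
# the bridge. Confirm this is intended; a DROP policy with explicit accepts
# for the bridge subnet is the tighter alternative.
ip6tables -P FORWARD ACCEPT

# Enable IPv6 routing for all existing interfaces, for interfaces created
# later (default), and for the bridge.
# NOTE(review): with forwarding on, an interface whose accept_ra is 1 stops
# processing Router Advertisements - verify uplink autoconfiguration.
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv6.conf.default.forwarding=1
sysctl -w "net.ipv6.conf.${bridge}.forwarding=1"
# Duplicate Address Detection is switched off on the bridge, so an address
# conflict on that segment will not be detected.
sysctl -w "net.ipv6.conf.${bridge}.accept_dad=0"
# Retransmit neighbour solicitations every 100 ms.
sysctl -w net.ipv6.neigh.default.retrans_time_ms=100
# Conntrack table capacity and the idle timeout (seconds) for established
# TCP flows. These keys are only present once nf_conntrack is loaded.
sysctl -w net.netfilter.nf_conntrack_max=1048576
sysctl -w net.netfilter.nf_conntrack_tcp_timeout_established=600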

#  /etc/init.d/bind9 restart
