#!/usr/bin/bash

[ $# -eq 0 ] && echo "usage: $(basename $0) up|down [NAME]"

[ $UID -ne 0 ] && echo "must be run as root" >&2 && exit 2

if [ "$1" = "up" ]; then
	[ $# -lt 2 ] && echo "missing argument(s)" >&2 && exit 1
	NAME=$2
	ROUTE_ACTION=add
elif [ "$1" = "down" ]; then
	ROUTE_ACTION=del
else
	echo "unsupported command: $1" >&2
	exit 1
fi

tailscale set --exit-node "$NAME" --exit-node-allow-lan-access=true

PRIVATE_ROUTES="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 100.64.0.0/10"

for PRIVATE_ROUTE in $PRIVATE_ROUTES; do
	ip route $ROUTE_ACTION to throw $PRIVATE_ROUTE table 52
done

exit 0
