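#!/bin/bash
#
# Prepare host networking for an ASAv guest and boot it under QEMU/KVM.
#
# Steps, in order:
#   1. verify that tunctl and brctl are available,
#   2. create tap0/tap1/tap2 owned by user 'brezular',
#   3. address tap0/tap1, strip the IP from p3p1/tap2 and move the default
#      route behind 192.168.2.1,
#   4. bridge tap2 with p3p1 as br-asa,
#   5. point the resolver at 8.8.8.8 and stop the iptables service,
#   6. start the VM as the non-privileged user 'brezular'.
#
# Must be run as root: ifconfig, route, brctl, the write to /etc/resolv.conf,
# 'service' and 'runuser' are all called without sudo.

# Print a diagnostic on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Check if packages brctl and tunctl are installed.
# Abort when one is missing: continuing would still remove the IP and default
# route from p3p1, overwrite resolv.conf and stop the firewall, leaving the
# host reconfigured with no working bridge.
missing=0
if ! command -v tunctl >/dev/null 2>&1; then
  echo "Can't create virtual interfaces, install package 'tunctl'" >&2
  missing=1
fi
if ! command -v brctl >/dev/null 2>&1; then
  echo "Can't create virtual bridge, install package 'bridge-utils'" >&2
  missing=1
fi
if ((missing)); then
  exit 1
fi

# Everything after the tap creation is run without sudo, so fail early
# instead of half-configuring the host.
if ((EUID != 0)); then
  die "This script must be run as root"
fi

# Create the virtual interfaces; stop before touching host routing if any
# of them cannot be created.
sudo tunctl -t tap0 -u brezular || die "Failed to create tap0" # bridged with ASA Management interface
sudo tunctl -t tap1 -u brezular || die "Failed to create tap1" # bridged with ASA inside interface
sudo tunctl -t tap2 -u brezular || die "Failed to create tap2" # bridged with ASA outside interface and p3p1

# Assign IP addresses to virtual interfaces
ifconfig tap0 192.168.1.2 netmask 255.255.255.0
ifconfig tap1 192.168.2.2 netmask 255.255.255.0

# Assign a null IP address to interface p3p1 and change default route.
# After this the host's own traffic leaves via 192.168.2.1 (tap1 subnet).
ifconfig p3p1 0.0.0.0
ifconfig tap2 0.0.0.0
route del default dev p3p1
route add default gw 192.168.2.1

# Create bridge and bridge ASA outside (tap2) and p3p1 interfaces
brctl addbr br-asa
ifconfig br-asa up
brctl addif br-asa tap2
brctl addif br-asa p3p1

# Change DNS server to Google public.
# NOTE(review): this truncates /etc/resolv.conf, dropping any existing
# nameserver/search entries; nothing in this script restores them.
echo "nameserver 8.8.8.8" > /etc/resolv.conf

# Stop iptables.
# NOTE(review): this turns off the host packet filter entirely and the script
# never starts it again. If only bridged/forwarded traffic has to pass, a
# narrower rule change would keep the host itself filtered - confirm that a
# full stop is really required.
service iptables stop

# Start ASAv VM as a non-privileged user.
# The command line is assembled piecewise for readability; the resulting
# string is handed to the user's login shell by 'runuser -c'.
qemu_cmd='/usr/local/bin/qemu-system-x86_64 -m 2048M -boot c'
qemu_cmd+=' -hda /home/brezular/ASAv/asav932-200.qcow2'
qemu_cmd+=' -netdev tap,id=network0,ifname=tap0,script=no,downscript=no'
qemu_cmd+=' -device e1000,netdev=network0,mac=00:11:22:33:44:00'
qemu_cmd+=' --enable-kvm'
qemu_cmd+=' -netdev tap,id=network1,ifname=tap1,script=no,downscript=no'
qemu_cmd+=' -device e1000,netdev=network1,mac=00:11:22:33:44:01'
qemu_cmd+=' -netdev tap,id=network2,ifname=tap2,script=no,downscript=no'
qemu_cmd+=' -device e1000,netdev=network2,mac=00:11:22:33:44:02'
# NOTE(review): the guest's serial console is exposed as a telnet listener on
# localhost:3333. QEMU adds no authentication or encryption to it, so any
# local account on this host can attach to the console. On a multi-user host
# consider a UNIX-socket serial backend with restrictive file permissions.
qemu_cmd+=' -serial telnet:localhost:3333,server,nowait'
qemu_cmd+=' -display none'

runuser -l brezular -c "$qemu_cmd"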