Add rule for getting into private WAN
This commit is contained in:
James Oakley
parent
ba034f57da
commit
b5f05eec87
@ -10,6 +10,15 @@ test -f /etc/default/customfirewall || { exit 0; }
|
|||||||
source /etc/default/customfirewall
|
source /etc/default/customfirewall
|
||||||
|
|
||||||
|
|
||||||
|
function get_destination_ips() {
|
||||||
|
{
|
||||||
|
for rule_def in $FORWARDS ; do
|
||||||
|
IFS=, read -r ip proto port destination <<< "$rule_def"
|
||||||
|
echo $destination
|
||||||
|
done
|
||||||
|
} | sort | uniq
|
||||||
|
}
|
||||||
|
|
||||||
function start() {
|
function start() {
|
||||||
log_progress_msg $NAME
|
log_progress_msg $NAME
|
||||||
|
|
||||||
@ -25,12 +34,20 @@ function start() {
|
|||||||
IFS=, read -r ip proto port destination <<< "$rule_def"
|
IFS=, read -r ip proto port destination <<< "$rule_def"
|
||||||
iptables -t nat -A customfirewall_prerouting -d $ip -p $proto --dport $port -j DNAT --to-destination $destination
|
iptables -t nat -A customfirewall_prerouting -d $ip -p $proto --dport $port -j DNAT --to-destination $destination
|
||||||
done
|
done
|
||||||
|
|
||||||
|
for ip in $(get_destination_ips) ; do
|
||||||
|
ip rule add to $destination lookup bonding-pwan prio 1900
|
||||||
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
function stop() {
|
function stop() {
|
||||||
log_progress_msg $NAME
|
log_progress_msg $NAME
|
||||||
|
|
||||||
|
while ip rule | grep -qe '^1900:' ; do
|
||||||
|
ip rule del prio 1900
|
||||||
|
done
|
||||||
|
|
||||||
for address_def in $ADDRESSES ; do
|
for address_def in $ADDRESSES ; do
|
||||||
IFS=, read -r interface ip <<< "$address_def"
|
IFS=, read -r interface ip <<< "$address_def"
|
||||||
ip addr del $ip dev $interface
|
ip addr del $ip dev $interface
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user