Diff for scripts/shell/firewall/fw-universal.sh between version 2.2 and 2.4
version 2.2, 2004/12/12 18:00:11 |
version 2.4, 2004/12/31 01:54:52 |
|
|
# Licensed under terms of GNU General Public License. |
# Licensed under terms of GNU General Public License. |
# All rights reserved. |
# All rights reserved. |
# |
# |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.1 2004/12/11 19:50:24 rajo Exp $ |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.3 2004/12/30 23:16:20 rajo Exp $ |
# |
# |
# Changelog: |
# Changelog: |
# 2004-11-14 - created |
# 2004-11-14 - created |
|
|
masquerade() |
masquerade() |
{ # {{{ |
{ # {{{ |
if [ ! -z "$NAT_LAN_IFACE" ]; then |
if [ ! -z "$NAT_LAN_IFACE" ]; then |
echo -en "Masquerading local subnet:" |
echo -en "Masquerading local subnet: $NAT_SUBNET_IFACE --> $NAT_LAN_IFACE" |
|
|
ip="IP_$NAT_SUBNET_IFACE"; |
ip="IP_$NAT_SUBNET_IFACE"; |
netmask="Mask_$NAT_SUBNET_IFACE" |
netmask="Mask_$NAT_SUBNET_IFACE" |
|
|
|
|
|
|
# Keep state of connections from private subnets |
# Keep state of connections from private subnets |
iptables -A OUTPUT -m state --state NEW -o $NAT_LAN_IFACE -j ACCEPT |
$IPTABLES -A OUTPUT -m state --state NEW -o $NAT_LAN_IFACE -j ACCEPT |
iptables -A FORWARD -m state --state NEW -o $NAT_LAN_IFACE -j ACCEPT |
$IPTABLES -A FORWARD -m state --state NEW -o $NAT_LAN_IFACE -j ACCEPT |
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT |
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT |
echo " done." |
echo " done." |
fi |
fi |
} # }}} |
} # }}} |
Platon Group <platon@platon.org> http://platon.org/
|
|