version 2.65, 2009/02/06 00:43:12 |
version 2.66, 2009/02/06 23:13:38 |
|
|
# Licensed under terms of GNU General Public License. |
# Licensed under terms of GNU General Public License. |
# All rights reserved. |
# All rights reserved. |
# |
# |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.64 2009-02-06 00:38:56 rajo Exp $ |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.65 2009-02-06 00:43:12 rajo Exp $ |
# |
# |
# Changelog: |
# Changelog: |
# 2003-10-24 - created |
# 2003-10-24 - created |
|
|
if [ ! -z "$NAT_TCP_PORT_FORWARD" ]; then |
if [ ! -z "$NAT_TCP_PORT_FORWARD" ]; then |
print_info -en "\tForwarding TCP ports to local machines:" |
print_info -en "\tForwarding TCP ports to local machines:" |
for redirect in $NAT_TCP_PORT_FORWARD; do |
for redirect in $NAT_TCP_PORT_FORWARD; do |
eval `echo $redirect | $AWK -v FS=: '{ printf "src_port=%s; local_machine=%s; dest_port=%s;", $1, $2, $3; }'` |
#eval `echo $redirect | $AWK -v FS=: '{ printf "src_port=%s; local_machine=%s; dest_port=%s;", $1, $2, $3; }'` |
print_info -en " $src_port -> $local_machine:$dest_port" |
eval `echo $redirect | \ |
$IPTABLES -t nat -A PREROUTING -p TCP -i $NAT_LAN_IFACE -d $lan_ip \ |
$AWK -v FS=: ' (NF == 3) { src_ip = "$lan_ip" ; src_port = $1; local_machine = $2; dest_port = $3; } \ |
|
(NF == 4) { src_ip = $1 ; src_port = $2; local_machine = $3; dest_port = $4; } \ |
|
END { printf "src_ip=%s; src_port=%s; local_machine=%s; dest_port=%s;", src_ip, src_port, local_machine, dest_port; }'` |
|
print_info -en " $src_ip:$src_port -> $local_machine:$dest_port" |
|
$IPTABLES -t nat -A PREROUTING -p TCP -i $NAT_LAN_IFACE -d $src_ip \ |
--dport $src_port -j DNAT --to $local_machine:$dest_port |
--dport $src_port -j DNAT --to $local_machine:$dest_port |
$IPTABLES -A FORWARD -p TCP -i $NAT_LAN_IFACE -d $local_machine --dport $dest_port -j ACCEPT |
$IPTABLES -A FORWARD -p TCP -i $NAT_LAN_IFACE -d $local_machine --dport $dest_port -j ACCEPT |
done |
done |
|
|
if [ ! -z "$NAT_UDP_PORT_FORWARD" ]; then |
if [ ! -z "$NAT_UDP_PORT_FORWARD" ]; then |
print_info -en "\tForwarding UDP ports to local machines:" |
print_info -en "\tForwarding UDP ports to local machines:" |
for redirect in $NAT_UDP_PORT_FORWARD; do |
for redirect in $NAT_UDP_PORT_FORWARD; do |
eval `echo $redirect | $AWK -v FS=: '{ printf "src_port=%s; local_machine=%s; dest_port=%s;", $1, $2, $3; }'` |
#eval `echo $redirect | $AWK -v FS=: '{ printf "src_port=%s; local_machine=%s; dest_port=%s;", $1, $2, $3; }'` |
|
eval `echo $redirect | \ |
|
$AWK -v FS=: ' (NF == 3) { src_ip = "$lan_ip" ; src_port = $1; local_machine = $2; dest_port = $3; } \ |
|
(NF == 4) { src_ip = $1 ; src_port = $2; local_machine = $3; dest_port = $4; } \ |
|
END { printf "src_ip=%s; src_port=%s; local_machine=%s; dest_port=%s;", src_ip, src_port, local_machine, dest_port; }'` |
print_info -en " $src_port -> $local_machine:$dest_port" |
print_info -en " $src_port -> $local_machine:$dest_port" |
$IPTABLES -t nat -A PREROUTING -p UDP -i $NAT_LAN_IFACE -d $lan_ip \ |
$IPTABLES -t nat -A PREROUTING -p UDP -i $NAT_LAN_IFACE -d $lan_ip \ |
--dport $src_port -j DNAT --to $local_machine:$dest_port |
--dport $src_port -j DNAT --to $local_machine:$dest_port |