Add code for detecting default external interface

bin/firewall-sosdg

@@ -104,6 +104,11 @@ if [ ! -x "$IP6TABLES" ] && [ $IPV6 == "1" ]; then
 	exit 3
 fi
 
+
+if [[ "$EXTIF" == "auto" ]]; then
+	EXTIF=$EXTIF_FIND
+}
+
 iptables_rules_flush ipv4
 
 if [ -s "$BASEDIR/include/ipv4_custom_flush" ]; then

include/static

@@ -66,3 +66,6 @@ IPTABLES_MULTIPORT=auto
 # Where we store output of cached rules
 RULE_CACHE=$BASEDIR/cache/ipt-rules
 RULE_CACHE_V6=$BASEDIR/cache/ipt6-rules
+
+EXTIF="auto"
+EXTIF_FIND=`ip route | awk '/^default/{print $3}'`

options.default

@@ -45,6 +45,22 @@ POSTRUN="$BASEDIR/conf/postrun"
 # where this server is providing services.
 #LANDHCPSERVER="eth0 eth1"
 
+# Primary external interface
+# Can be an interface name (ppp0, eth0) or auto
+# which will try to detect the proper interface,
+# but requires a default route to be properly setup
+# first.
+EXTIF="auto"
+
+# Pattern for finding the default external interface
+# Pick one or create your own if the firewall script
+# has problems figuring it out.
+#
+# Common patterns for getting default route:
+# netstat -rn | awk '/^0.0.0.0/{print $8}'
+# ip route | awk -F '/^default/{print $3}'
+#EXTIF_FIND=`ip route | awk '/^default/{print $3}'`
+
 # Internal Interface
 #INTINF=ppp+