Add routing features

2009-08-13 21:56:21 +00:00 · 2009-08-13 21:56:21 +00:00 · a9677f5d51
parent 3fbe227b80
commit a9677f5d51
3 changed files with 14 additions and 5 deletions
--- a/4
+++ b/4
@ -0,0 +1,4 @@
+# IPv4 routing
+# Format is:
+# int1:int1range:int2:int2range:reverse?
+# eth0:192.168.0.0/24:eth1:192.168.1.0/24:1
--- a/options.default
+++ b/options.default
@ -42,7 +42,7 @@ TRUSTEDIP="127.0.0.1"
 DONTTRACK="127.0.0.1"

 # IP range(s) to forward
-FORWARDRANGE="192.168.1.0/24"
+ROUTING=$BASEDIR/ipv4-routing

 # IP ranges(s) to NAT using SNAT.
 NATRANGE="192.168.1.0/24"
--- a/rc.firewall
+++ b/rc.firewall
@ -77,10 +77,15 @@ if [ $CONNTRACK ]; then
 	done
 fi

-if [ $CONNTRACK ]; then
-	for i in $FORWARDRANGE; do
-		$IPTABLES -A FORWARD -s $i -j ACCEPT
-		$IPTABLES -A FORWARD -d $i -j ACCEPT
+if [ $ROUTING ]; then
+	for i in `grep -v "\#" $ROUTING`; do
+		ROUTE=( ${i//:/ } )
+		$IPTABLES -A FORWARD -i ${ROUTE[0]} -o ${ROUTE[2]} \
+			-s ${ROUTE[1]} -d ${ROUTE[3]} -j ACCEPT
+		if [ ${ROUTE[4]} == "1" ]
+ 			$IPTABLES -A FORWARD -o ${ROUTE[0]} -i ${ROUTE[2]} \
+				-d ${ROUTE[1]} -s ${ROUTE[3]} -j ACCEPT
+		fi
 	done
 fi