Add routing features

2009-08-13 21:56:21 +00:00 · 2009-08-13 21:56:21 +00:00 · a9677f5d51
commit a9677f5d51
parent 3fbe227b80
3 changed files with 14 additions and 5 deletions
--- a/4
+++ b/4
@ -0,0 +1,4 @@
 # IPv4 routing
 # Format is:
 # int1:int1range:int2:int2range:reverse?
 # eth0:192.168.0.0/24:eth1:192.168.1.0/24:1
--- a/options.default
+++ b/options.default
@ -42,7 +42,7 @@ TRUSTEDIP="127.0.0.1"
 DONTTRACK="127.0.0.1"
 # IP range(s) to forward
-FORWARDRANGE="192.168.1.0/24"
+ROUTING=$BASEDIR/ipv4-routing
 # IP ranges(s) to NAT using SNAT.
 NATRANGE="192.168.1.0/24"
--- a/rc.firewall
+++ b/rc.firewall
@ -77,10 +77,15 @@ if [ $CONNTRACK ]; then
 	done
 fi
-if [ $CONNTRACK ]; then
+if [ $ROUTING ]; then
-	for i in $FORWARDRANGE; do
+	for i in `grep -v "\#" $ROUTING`; do
-		$IPTABLES -A FORWARD -s $i -j ACCEPT
+		ROUTE=( ${i//:/ } )
-		$IPTABLES -A FORWARD -d $i -j ACCEPT
+		$IPTABLES -A FORWARD -i ${ROUTE[0]} -o ${ROUTE[2]} \
 			-s ${ROUTE[1]} -d ${ROUTE[3]} -j ACCEPT
 		if [ ${ROUTE[4]} == "1" ]
 			$IPTABLES -A FORWARD -o ${ROUTE[0]} -i ${ROUTE[2]} \
 				-d ${ROUTE[1]} -s ${ROUTE[3]} -j ACCEPT
 		fi
 	done
 fi