Add routing features

ipv4-routing

@@ -0,0 +1,4 @@
+# IPv4 routing
+# Format is:
+# int1:int1range:int2:int2range:reverse?
+# eth0:192.168.0.0/24:eth1:192.168.1.0/24:1

options.default

@@ -42,7 +42,7 @@ TRUSTEDIP="127.0.0.1"
 DONTTRACK="127.0.0.1"
 
 # IP range(s) to forward
-FORWARDRANGE="192.168.1.0/24"
+ROUTING=$BASEDIR/ipv4-routing
 
 # IP ranges(s) to NAT using SNAT.
 NATRANGE="192.168.1.0/24"

rc.firewall

@@ -77,10 +77,15 @@ if [ $CONNTRACK ]; then
 	done
 fi
 
-if [ $CONNTRACK ]; then
+if [ $ROUTING ]; then
-	for i in $FORWARDRANGE; do
+	for i in `grep -v "\#" $ROUTING`; do
-		$IPTABLES -A FORWARD -s $i -j ACCEPT
+		ROUTE=( ${i//:/ } )
-		$IPTABLES -A FORWARD -d $i -j ACCEPT
+		$IPTABLES -A FORWARD -i ${ROUTE[0]} -o ${ROUTE[2]} \
+			-s ${ROUTE[1]} -d ${ROUTE[3]} -j ACCEPT
+		if [ ${ROUTE[4]} == "1" ]
+ 			$IPTABLES -A FORWARD -o ${ROUTE[0]} -i ${ROUTE[2]} \
+				-d ${ROUTE[1]} -s ${ROUTE[3]} -j ACCEPT
+		fi
 	done
 fi