brielle
/
Firewall-SOSDG
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fixing more of my errors

master
bbruns 2010-08-21 17:18:40 +00:00
parent 8eb1953ebb
commit bd7fbeb274
1 changed files with 9 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
rc.firewall
View File

@ -171,7 +171,7 @@ if [ "$BLOCKTCPPORTS" ] || [ "$BLOCKUDPPORTS" ]; then
fi fi
done done
fi fi
echo -en "\n" reset_color
fi fi
if [ -s "$BASEDIR/include/ipv4_custom_allowedports" ]; then if [ -s "$BASEDIR/include/ipv4_custom_allowedports" ]; then
@ -302,7 +302,7 @@ fi
if [ $NAT ]; then if [ $NAT ]; then
if [ $NAT_RANGE ]; then if [ $NAT_RANGE ]; then
display_c YELLOW "Adding NAT rule: " N display_c YELLOW "Adding NAT rule: " N
for i in $NAT_RANGE; do for i in "$NAT_RANGE"; do
NAT_RULE=( ${i//:/ } ) NAT_RULE=( ${i//:/ } )
case ${NAT_RULE[0]} in case ${NAT_RULE[0]} in
SNAT) SNAT)
@ -313,9 +313,8 @@ if [ $NAT ]; then
$IPTABLES -A OUTPUT -p icmp --icmp-type fragmentation-needed -o ${NAT_RULE[3]} -j ACCEPT $IPTABLES -A OUTPUT -p icmp --icmp-type fragmentation-needed -o ${NAT_RULE[3]} -j ACCEPT
;; ;;
MASQ) MASQ)
$IPTABLES -A POSTROUTING -t nat -s ${NAT_RULE[2]} \ $IPTABLES -A POSTROUTING -t nat -s ${NAT_RULE[2]} -j MASQUERADE -o ${NAT_RULE[3]}
-j MASQUERADE -o ${NAT_RULE[3]} display_c PURPLE "MASQ:${NAT_RULE[2]}->${NAT_RULE[3]} " N
display_c PURPLE "MASQ:${NAT_RULE[1]}:${NAT_RULE[2]}->${NAT_RULE[3]} " N
$IPTABLES -A OUTPUT -p icmp --icmp-type time-exceeded -o ${NAT_RULE[3]} -j ACCEPT $IPTABLES -A OUTPUT -p icmp --icmp-type time-exceeded -o ${NAT_RULE[3]} -j ACCEPT
$IPTABLES -A OUTPUT -p icmp --icmp-type fragmentation-needed -o ${NAT_RULE[3]} -j ACCEPT $IPTABLES -A OUTPUT -p icmp --icmp-type fragmentation-needed -o ${NAT_RULE[3]} -j ACCEPT
;; ;;