brielle
/
Firewall-SOSDG
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added src IP to port forwarding.

master
bbruns 2010-08-26 21:57:12 +00:00
parent eb9d30aad8
commit dd1e2a2b0a
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
port-forwards
View File

@ -1,3 +1,3 @@
# Format is: # Format is:
# External interface:External IP:External port:Internal ip:Internal port # External interface:Src IP:External IP:External port:Internal ip:Internal port
#eth0:4.2.2.1:8080:tcp:192.168.0.100:80 #eth0:4.2.2.0:4.2.2.1:8080:tcp:192.168.0.100:80

14
rc.firewall
View File

@ -330,15 +330,15 @@ if [ -s "$BASEDIR/include/ipv4_custom_portforward" ]; then
fi fi
if [ $PORTFW ] && [ $NAT ]; then if [ $PORTFW ] && [ $NAT ]; then
display_c YELLOW "Adding port forward for: " N display_c YELLOW "Adding port forward for:"
for i in `grep -v "\#" $PORTFW`; do for i in `grep -v "\#" $PORTFW`; do
PORTADD=( ${i//:/ } ) PORTADD=( ${i//:/ } )
$IPTABLES -A PREROUTING -t nat -i ${PORTADD[0]} -p ${PORTADD[3]} \ $IPTABLES -A PREROUTING -t nat -i ${PORTADD[0]} -p ${PORTADD[4]} -s ${PORTADD[1]} \
--dport ${PORTADD[2]} -d ${PORTADD[1]} -j DNAT --to \ --dport ${PORTADD[3]} -d ${PORTADD[2]} -j DNAT --to \
${PORTADD[4]}:${PORTADD[5]} ${PORTADD[5]}:${PORTADD[6]}
$IPTABLES -A INPUT -p ${PORTADD[3]} -m state --state NEW \ $IPTABLES -A INPUT -p ${PORTADD[4]} -m state --state NEW -s ${PORTADD[1]} \
--dport ${PORTADD[2]} -i ${PORTADD[0]} -j ACCEPT --dport ${PORTADD[3]} -d ${PORTADD[2]} -i ${PORTADD[0]} -j ACCEPT
echo -en "${GREEN}${PORTADD[0]}:${PURPLE}${PORTADD[1]}:${PORTADD[2]}:${PORTADD[3]}${AQUA}->${BLUE}${PORTADD[4]}:${PORTADD[5]} " display_c DEFAULT "\t${GREEN}${PORTADD[0]}:${BLUE}${PORTADD[1]}:${PURPLE}${PORTADD[2]}:${PORTADD[3]}:${PORTADD[4]}${AQUA}->${BLUE}${PORTADD[5]}:${PORTADD[6]} "
done done
reset_color reset_color
fi fi