2010-06-22 05:21:54 +00:00 · 2010-06-22 05:21:54 +00:00 · dee52b3e5e
commit dee52b3e5e
parent 00b65e8335
1 changed files with 10 additions and 0 deletions
--- a/rc.firewall
+++ b/rc.firewall
@ -100,12 +100,22 @@ if [ "$BLOCKTCPPORTS" ] || [ "$BLOCKUDPPORTS" ]; then
 		for i in $BLOCKTCPPORTS; do
 			echo -en "\E[35mTCP\E[37m/\E[32m$i "
 			$IPTABLES -A OUTPUT -p tcp --dport $i --syn -j DROP
+			if [ "$NATRANGE" ]; then
+				for i in $NATRANGE; do
+					$IPTABLES -A PREROUTING -t raw -p tcp -s $i --dport $i --syn -j DROP
+				done
+			fi
 		done
 	fi
 	if  [ "$BLOCKUDPPORTS" ]; then
 		for i in $BLOCKUDPPORTS; do
 			echo -en "\E[34mUDP\E[37m/\E[32m$i "
 			$IPTABLES -A OUTPUT -p udp --dport $i -j DROP
+			if [ "$NATRANGE" ]; then
+				for i in $NATRANGE; do
+					$IPTABLES -A PREROUTING -t raw -p udp -s $i --dport $i -j DROP
+				done
+			fi
 		done
 	fi
 	echo -en "\n"