From 364e8ccdf741bdeb30c4887500dc761dc525b86b Mon Sep 17 00:00:00 2001 From: "Robert \"ar\" Gerus" Date: Sun, 24 Mar 2013 06:56:55 +0100 Subject: [PATCH] comment out our snat, and extend the comment for the 192.168.0.1 snat rule --- rules/01-output-snat | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/rules/01-output-snat b/rules/01-output-snat index 1505e2c..dbc839f 100644 --- a/rules/01-output-snat +++ b/rules/01-output-snat @@ -3,9 +3,9 @@ rules() { iptables --table filter $flag FORWARD -i ${IF_WAN} -o ${IF_LAN} -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables --table filter $flag FORWARD -i ${IF_LAN} -o ${IF_WAN} -j ACCEPT iptables --table nat $flag POSTROUTING -s ${NET_LAN} -o ${IF_WAN} -j SNAT --to-source ${HOST_KASHA_WAN} - if ${HAVE_WAN2}; then - iptables --table nat $flag POSTROUTING -s 10.24.20.10 -o ${IF_WAN} -j SNAT --to-source ${HOST_KASHA_WAN2} - fi - # we want to be able to access 192.168.0.1 +# if ${HAVE_WAN2}; then +# iptables --table nat $flag POSTROUTING -s 10.24.20.10 -o ${IF_WAN} -j SNAT --to-source ${HOST_KASHA_WAN2} +# fi + # we want to be able to access 192.168.0.1, regardles of which snat we're using iptables --table nat $flag POSTROUTING -s ${NET_LAN} -d ${NET_WAN} -j SNAT --to-source ${HOST_KASHA_WAN} }