diff options
| author | Robert "ar" Gerus <ar@bash.org.pl> | 2013-03-25 08:53:51 +0100 |
|---|---|---|
| committer | Robert "ar" Gerus <ar@bash.org.pl> | 2013-03-25 08:53:51 +0100 |
| commit | 669472f4b3f37cd866b52c6c616543991cdd9934 (patch) | |
| tree | 9cda41b0adc3a16fa9d54582708005e4c3417592 | |
| parent | fa7d9821598352623d15bb6a762ad5e557607f96 (diff) | |
| download | old-firewall-669472f4b3f37cd866b52c6c616543991cdd9934.tar.gz old-firewall-669472f4b3f37cd866b52c6c616543991cdd9934.tar.bz2 old-firewall-669472f4b3f37cd866b52c6c616543991cdd9934.zip | |
make mosh work
| -rw-r--r-- | rules/10-ar-amanojaku | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/rules/10-ar-amanojaku b/rules/10-ar-amanojaku index 9f0733b..3f8bef4 100644 --- a/rules/10-ar-amanojaku +++ b/rules/10-ar-amanojaku @@ -1,8 +1,14 @@ #!/bin/bash rules() { -# external port redirects + # tcp for port in 22 80 443 14528:14530; do iptables -t nat $flag PREROUTING -i ${IF_WAN} -d ${HOST_KASHA_WAN} -p tcp --dport ${port} -j DNAT --to-destination ${HOST_AMANOJAKU} iptables -t filter $flag FORWARD -i ${IF_WAN} -d ${HOST_AMANOJAKU} -p tcp --dport ${port} -j ACCEPT done + + # udp + for port in 60000:60100; do + iptables -t nat $flag PREROUTING -i ${IF_WAN} -d ${HOST_KASHA_WAN} -m udp -p udp --dport ${port} -j DNAT --to-destination ${HOST_AMANOJAKU} + iptables -t filter $flag FORWARD -i ${IF_WAN} -d ${HOST_AMANOJAKU} -m udp -p udp --dport ${port} -j ACCEPT + done } |