ar
/
old-firewall
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

get our snat back

master
Robert "ar" Gerus 2013-03-24 09:45:10 +01:00
parent 364e8ccdf7
commit fa7d982159
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
rules/01-output-snat
View File

@ -3,9 +3,9 @@ rules() {
iptables --table filter $flag FORWARD -i ${IF_WAN} -o ${IF_LAN} -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables --table filter $flag FORWARD -i ${IF_LAN} -o ${IF_WAN} -j ACCEPT
iptables --table nat $flag POSTROUTING -s ${NET_LAN} -o ${IF_WAN} -j SNAT --to-source ${HOST_KASHA_WAN}
# if ${HAVE_WAN2}; then
# iptables --table nat $flag POSTROUTING -s 10.24.20.10 -o ${IF_WAN} -j SNAT --to-source ${HOST_KASHA_WAN2}
# fi
if ${HAVE_WAN2}; then
iptables --table nat $flag POSTROUTING -s 10.24.20.10 -o ${IF_WAN} -j SNAT --to-source ${HOST_KASHA_WAN2}
fi
# we want to be able to access 192.168.0.1, regardles of which snat we're using
iptables --table nat $flag POSTROUTING -s ${NET_LAN} -d ${NET_WAN} -j SNAT --to-source ${HOST_KASHA_WAN}
iptables --table nat $append POSTROUTING -s ${NET_LAN} -d ${NET_WAN} -j SNAT --to-source ${HOST_KASHA_WAN}
}