verzia 2.92, 2012/10/30 16:08:52 |
verzia 2.93, 2013/09/21 02:55:50 |
|
|
# Licensed under terms of GNU General Public License. |
# Licensed under terms of GNU General Public License. |
# All rights reserved. |
# All rights reserved. |
# |
# |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.91 2012-02-14 22:52:12 rajo Exp $ |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.92 2012-10-30 16:08:52 rajo Exp $ |
# |
# |
# Changelog: |
# Changelog: |
# 2003-10-24 - created |
# 2003-10-24 - created |
Riadok 461 mangle_output() |
|
Riadok 461 mangle_output() |
|
|
|
masquerade() |
masquerade() |
{ # {{{ |
{ # {{{ |
if [ "X$XEN_MODE" = "Xon" ]; then |
|
print_info "XEN_MODE enabled: masquerade is not supported in this mode"; |
|
return; |
|
fi |
|
if [ ! -z "$NAT_LAN_IFACE" ]; then |
if [ ! -z "$NAT_LAN_IFACE" ]; then |
print_info -en "NAT: Enabling packet forwarding..." |
print_info -en "NAT: Enabling packet forwarding..." |
echo 1 > /proc/sys/net/ipv4/ip_forward |
echo 1 > /proc/sys/net/ipv4/ip_forward |
print_info " done." |
print_info " done." |
print_info -en "NAT: Masquerading local subnet: $NAT_SUBNET_IFACE --> $NAT_LAN_IFACE" |
print_info -en "NAT: Masquerading local subnet: $NAT_SUBNET_IFACE --> $NAT_LAN_IFACE" |
|
|
|
if [ "X$XEN_MODE" = "Xon" ]; then |
|
$IPTABLES -t nat -A POSTROUTING -o $NAT_LAN_IFACE -j MASQUERADE |
|
print_info " done." |
|
print_info "XEN_MODE enabled: masquerade is limited to basic functionality only"; |
|
return; |
|
fi |
|
|
ip="`get_first_ip_addr IP_$NAT_SUBNET_IFACE`" |
ip="`get_first_ip_addr IP_$NAT_SUBNET_IFACE`" |
netmask="Mask_$NAT_SUBNET_IFACE" |
netmask="Mask_$NAT_SUBNET_IFACE" |
localnet="$ip/${!netmask}" |
localnet="$ip/${!netmask}" |