* FIX: now the script needs 2nd argument to fix IP address of LAN device

   * LAN device can be down before the this script is invoked

git-svn-id: https://lab.mitty.jp/svn/lab/trunk@19 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

diff --git a/iptables/setlan2wan.sh b/iptables/setlan2wan.sh
index ac9c617..5594949 100644 (file)
--- a/iptables/setlan2wan.sh
+++ b/iptables/setlan2wan.sh
@@ -12,16 +12,14 @@ set -x
 # PHASE  as per MODE, but with finer granularity, distinguishing the pre-
 #        up, post-up, pre-down and post-down phases.
 
-LANIF="${1:?"usage: $0 <LAN_device> "}"
-
-LANIP=`/sbin/ip addr show dev ${LANIF} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1`
-LANMASK=`/sbin/ip route show dev ${LANIF} | grep -w ${LANIP} | tr -s ' ' | cut -d ' ' -f 1`
+LANIF="${1:?"usage: $0 <LAN_device> <IPADDR> "}"
+LANIP="${2:?"usage: $0 <LAN_device> <IPADDR> "}"
 
 WANIP=`/sbin/ip addr show dev ${IFACE} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1`
 
 if [ "${PHASE}" = "pre-down" ]; then
     # delete rule and exit
-    /sbin/iptables -t nat -D PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP}
+    /sbin/iptables -t nat -D PREROUTING -i ${LANIF} -d ${WANIP} -j DNAT --to-destination ${LANIP}
     echo "remove rule for access to WAN device on router node from LAN clients"
     exit
 fi
@@ -31,7 +29,7 @@ fi
 (
 sleep 60
 
-/sbin/iptables -t nat -A PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP}
+/sbin/iptables -t nat -A PREROUTING -i ${LANIF} -d ${WANIP} -j DNAT --to-destination ${LANIP}
 echo "set rule for access to WAN device on router node from LAN clients"
 
 ) &