source: lab.git/iptables/setlan2wan.sh @ 7c270d4

trunk
Last change on this file since 7c270d4 was 7c270d4, checked in by mitty <mitty@…>, 15 years ago
  • wait for a while to surely set rules
    • sometimes fail to set rules for some unclear reason

git-svn-id: https://lab.mitty.jp/svn/lab/trunk@18 7d2118f6-f56c-43e7-95a2-4bb3031d96e7
  • Property mode set to 100644
File size: 1.2 KB
RevLine 
[e829fd8]1#!/bin/sh
2
3# enable access to WAN device on router node from LAN clients
4#
5
6set -x
7
8## INTERFACES(5)
9# IFACE  physical name of the interface being processed
10# METHOD method of the interface (e.g., static)
11# MODE   start if run from ifup, stop if run from ifdown
12# PHASE  as per MODE, but with finer granularity, distinguishing the pre-
13#        up, post-up, pre-down and post-down phases.
14
15LANIF="${1:?"usage: $0 <LAN_device> "}"
16
17LANIP=`/sbin/ip addr show dev ${LANIF} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1`
18LANMASK=`/sbin/ip route show dev ${LANIF} | grep -w ${LANIP} | tr -s ' ' | cut -d ' ' -f 1`
19
20WANIP=`/sbin/ip addr show dev ${IFACE} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1`
21
22if [ "${PHASE}" = "pre-down" ]; then
23    # delete rule and exit
24    /sbin/iptables -t nat -D PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP}
25    echo "remove rule for access to WAN device on router node from LAN clients"
26    exit
27fi
28
29
30# set rule
[7c270d4]31(
32sleep 60
33
[e829fd8]34/sbin/iptables -t nat -A PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP}
35echo "set rule for access to WAN device on router node from LAN clients"
[7c270d4]36
37) &
Note: See TracBrowser for help on using the repository browser.