source: lab.git/iptables/setlan2wan.sh @ ed4ab0c

trunk
Last change on this file since ed4ab0c was 3a5184c, checked in by mitty <mitty@…>, 15 years ago
  • FIX: now the script needs 2nd argument to fix IP address of LAN device
    • LAN device can be down before the this script is invoked

git-svn-id: https://lab.mitty.jp/svn/lab/trunk@19 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

  • Property mode set to 100644
File size: 1.0 KB
RevLine 
[e829fd8]1#!/bin/sh
2
3# enable access to WAN device on router node from LAN clients
4#
5
6set -x
7
8## INTERFACES(5)
9# IFACE  physical name of the interface being processed
10# METHOD method of the interface (e.g., static)
11# MODE   start if run from ifup, stop if run from ifdown
12# PHASE  as per MODE, but with finer granularity, distinguishing the pre-
13#        up, post-up, pre-down and post-down phases.
14
[3a5184c]15LANIF="${1:?"usage: $0 <LAN_device> <IPADDR> "}"
16LANIP="${2:?"usage: $0 <LAN_device> <IPADDR> "}"
[e829fd8]17
18WANIP=`/sbin/ip addr show dev ${IFACE} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1`
19
20if [ "${PHASE}" = "pre-down" ]; then
21    # delete rule and exit
[3a5184c]22    /sbin/iptables -t nat -D PREROUTING -i ${LANIF} -d ${WANIP} -j DNAT --to-destination ${LANIP}
[e829fd8]23    echo "remove rule for access to WAN device on router node from LAN clients"
24    exit
25fi
26
27
28# set rule
[7c270d4]29(
30sleep 60
31
[3a5184c]32/sbin/iptables -t nat -A PREROUTING -i ${LANIF} -d ${WANIP} -j DNAT --to-destination ${LANIP}
[e829fd8]33echo "set rule for access to WAN device on router node from LAN clients"
[7c270d4]34
35) &
Note: See TracBrowser for help on using the repository browser.