trunk
Line | |
---|
1 | #!/bin/sh |
---|
2 | |
---|
3 | # enable access to WAN device on router node from LAN clients |
---|
4 | # |
---|
5 | |
---|
6 | set -x |
---|
7 | |
---|
8 | ## INTERFACES(5) |
---|
9 | # IFACE physical name of the interface being processed |
---|
10 | # METHOD method of the interface (e.g., static) |
---|
11 | # MODE start if run from ifup, stop if run from ifdown |
---|
12 | # PHASE as per MODE, but with finer granularity, distinguishing the pre- |
---|
13 | # up, post-up, pre-down and post-down phases. |
---|
14 | |
---|
15 | LANIF="${1:?"usage: $0 <LAN_device> "}" |
---|
16 | |
---|
17 | LANIP=`/sbin/ip addr show dev ${LANIF} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1` |
---|
18 | LANMASK=`/sbin/ip route show dev ${LANIF} | grep -w ${LANIP} | tr -s ' ' | cut -d ' ' -f 1` |
---|
19 | |
---|
20 | WANIP=`/sbin/ip addr show dev ${IFACE} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1` |
---|
21 | |
---|
22 | if [ "${PHASE}" = "pre-down" ]; then |
---|
23 | # delete rule and exit |
---|
24 | /sbin/iptables -t nat -D PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP} |
---|
25 | echo "remove rule for access to WAN device on router node from LAN clients" |
---|
26 | exit |
---|
27 | fi |
---|
28 | |
---|
29 | |
---|
30 | # set rule |
---|
31 | /sbin/iptables -t nat -A PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP} |
---|
32 | echo "set rule for access to WAN device on router node from LAN clients" |
---|
Note: See
TracBrowser
for help on using the repository browser.