source: lab.git/iptables/setlan2wan.sh @ e829fd8

trunk
Last change on this file since e829fd8 was e829fd8, checked in by mitty <mitty@…>, 15 years ago
  • setlan2wan.sh
  • setmasq.sh
    • replacement for setnapt.sh

git-svn-id: https://lab.mitty.jp/svn/lab/trunk@16 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

  • Property mode set to 100644
File size: 1.2 KB
Line 
1#!/bin/sh
2
3# enable access to WAN device on router node from LAN clients
4#
5
6set -x
7
8## INTERFACES(5)
9# IFACE  physical name of the interface being processed
10# METHOD method of the interface (e.g., static)
11# MODE   start if run from ifup, stop if run from ifdown
12# PHASE  as per MODE, but with finer granularity, distinguishing the pre-
13#        up, post-up, pre-down and post-down phases.
14
15LANIF="${1:?"usage: $0 <LAN_device> "}"
16
17LANIP=`/sbin/ip addr show dev ${LANIF} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1`
18LANMASK=`/sbin/ip route show dev ${LANIF} | grep -w ${LANIP} | tr -s ' ' | cut -d ' ' -f 1`
19
20WANIP=`/sbin/ip addr show dev ${IFACE} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1`
21
22if [ "${PHASE}" = "pre-down" ]; then
23    # delete rule and exit
24    /sbin/iptables -t nat -D PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP}
25    echo "remove rule for access to WAN device on router node from LAN clients"
26    exit
27fi
28
29
30# set rule
31/sbin/iptables -t nat -A PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP}
32echo "set rule for access to WAN device on router node from LAN clients"
Note: See TracBrowser for help on using the repository browser.