|
Last change
on this file since 16 was
16,
checked in by mitty, 15 years ago
|
- setlan2wan.sh
- setmasq.sh
- replacement for setnapt.sh
|
|
File size:
1.2 KB
|
| Line | |
|---|
| 1 | #!/bin/sh |
|---|
| 2 | |
|---|
| 3 | # enable access to WAN device on router node from LAN clients |
|---|
| 4 | # |
|---|
| 5 | |
|---|
| 6 | set -x |
|---|
| 7 | |
|---|
| 8 | ## INTERFACES(5) |
|---|
| 9 | # IFACE physical name of the interface being processed |
|---|
| 10 | # METHOD method of the interface (e.g., static) |
|---|
| 11 | # MODE start if run from ifup, stop if run from ifdown |
|---|
| 12 | # PHASE as per MODE, but with finer granularity, distinguishing the pre- |
|---|
| 13 | # up, post-up, pre-down and post-down phases. |
|---|
| 14 | |
|---|
| 15 | LANIF="${1:?"usage: $0 <LAN_device> "}" |
|---|
| 16 | |
|---|
| 17 | LANIP=`/sbin/ip addr show dev ${LANIF} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1` |
|---|
| 18 | LANMASK=`/sbin/ip route show dev ${LANIF} | grep -w ${LANIP} | tr -s ' ' | cut -d ' ' -f 1` |
|---|
| 19 | |
|---|
| 20 | WANIP=`/sbin/ip addr show dev ${IFACE} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1` |
|---|
| 21 | |
|---|
| 22 | if [ "${PHASE}" = "pre-down" ]; then |
|---|
| 23 | # delete rule and exit |
|---|
| 24 | /sbin/iptables -t nat -D PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP} |
|---|
| 25 | echo "remove rule for access to WAN device on router node from LAN clients" |
|---|
| 26 | exit |
|---|
| 27 | fi |
|---|
| 28 | |
|---|
| 29 | |
|---|
| 30 | # set rule |
|---|
| 31 | /sbin/iptables -t nat -A PREROUTING -i ${LANIF} -s ${LANMASK} -d ${WANIP} -j DNAT --to-destination ${LANIP} |
|---|
| 32 | echo "set rule for access to WAN device on router node from LAN clients" |
|---|
Note: See
TracBrowser
for help on using the repository browser.
