Changeset 16 in lab

Timestamp:

Jul 7, 2009 7:33:04 PM (16 years ago)

Author:

mitty

Message:

• setlan2wan.sh
  • see #4
• setmasq.sh
  • replacement for setnapt.sh

Location:

trunk/iptables

Files:

• setlan2wan.sh (added)
• setmasq.sh (copied) (copied from trunk/iptables/setnapt.sh) (2 diffs)

trunk/iptables/setmasq.sh

@@ -1 +1 @@
 #!/bin/sh
 
-# set IP MASQUERADE for listed devices
-# this script must be set on the LAN gateway device
+# set IP MASQUERADE with post-up command in INTERFACES(5)
 
 
@@ -16 +15 @@
 # optional argument to set default gateway devices connected to WAN manually
 # (try each of them in order)
-GATEWAYS="$@"
 
 if [ "${PHASE}" = "post-down" ]; then
-    # flush POSTROUTING chain and exit
-    /sbin/iptables -t nat -F POSTROUTING
+    # remove MASQUERADE rule and exit
+    /sbin/iptables -t nat -D POSTROUTING -o ${IFACE} -j MASQUERADE
     exit
 fi
 
 
-(
-
-# wait for initialization of WAN device with DHCPd 
-sleep 60
-
-if [ -z "${GATEWAYS}" ]; then
-    GATEWAYS=`/sbin/ip route show table main | grep -w default | tr -s ' ' | cut -d ' ' -f 5`
-fi
-
-for GW in ${GATEWAYS}; do
-    if [ ${GW} = ${IFACE} ]; then
-        # skip if device is the LAN gateway
-        continue
-    fi
-    
-    IPADDR=`/sbin/ip addr show dev ${GW} | grep -w inet | tr -s ' ' | cut -d ' ' -f 3 | cut -d / -f 1`
-    if [ -z "${IPADDR}" ]; then
-        # device doesn't seem to have an IP address
-        continue
-    fi
-    
-    ## set masquerade rule to all devices
-    #  because there is no way to know which one is default gateway
-    #  without manual specification
-    /sbin/iptables -t nat -A POSTROUTING -o ${GW} -j MASQUERADE
-done
-
-) &
+# set MASQUERADE rule
+/sbin/iptables -t nat -A POSTROUTING -o ${IFACE} -j MASQUERADE