From a65ee701a84cc8bc34fa35ffcde919424fa03e66 Mon Sep 17 00:00:00 2001 From: bbruns Date: Sat, 21 Aug 2010 17:32:08 +0000 Subject: [PATCH] Port forwarding format change --- ChangeLog | 1 + port-forwards | 4 ++-- rc.firewall | 14 +++++++------- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3f04c6d..b049b34 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,7 @@ - Fix DHCP rule - Obsoleted NATRANGE, NATEXTIP, NATEXTIF - Added NAT_RANGE which can take SNAT/MASQ rules + - Changed port forwarding rules to include external interface 0.9.3 - Brielle Bruns - Misc tweaks and reorg diff --git a/port-forwards b/port-forwards index eba559d..94bd800 100644 --- a/port-forwards +++ b/port-forwards @@ -1,3 +1,3 @@ # Format is: -# External port:internal ip:internal port -8080:tcp:192.168.0.100:80 +# External interface:External port:internal ip:internal port +#eth0:8080:tcp:192.168.0.100:80 diff --git a/rc.firewall b/rc.firewall index ecad200..32549f2 100755 --- a/rc.firewall +++ b/rc.firewall @@ -276,14 +276,14 @@ if [ $PORTFW ] && [ $NAT ]; then display_c YELLOW "Adding port forward for: " N for i in `grep -v "\#" $PORTFW`; do PORTADD=( ${i//:/ } ) - $IPTABLES -A PREROUTING -t nat -i $NATEXTIF -p ${PORTADD[1]} \ - --dport ${PORTADD[0]} -j DNAT --to \ - ${PORTADD[2]}:${PORTADD[3]} - $IPTABLES -A INPUT -p ${PORTADD[1]} -m state --state NEW \ - --dport ${PORTADD[0]} -i $NATEXTIF -j ACCEPT - echo -en "\E[32m${PORTADD[0]}\E[37m/\E[35m${PORTADD[1]}\E[37m->${PORTADD[2]}:${PORTADD[3]} " + $IPTABLES -A PREROUTING -t nat -i ${PORTADD[0]} -p ${PORTADD[2]} \ + --dport ${PORTADD[1]} -j DNAT --to \ + ${PORTADD[3]}:${PORTADD[4]} + $IPTABLES -A INPUT -p ${PORTADD[2]} -m state --state NEW \ + --dport ${PORTADD[1]} -i ${PORTADD[0]} -j ACCEPT + display_c PURPLE "${PORTADD[0]}:${PORTADD[1]}:${PORTADD[2]}->${PORTADD[3]}:${PORTADD[4]} " N done -echo -ne "\n" +reset_color fi if [ $LANDHCPSERVER ]; then