diff options
Diffstat (limited to 'ipmasq/rules/M70masq.def')
| -rw-r--r-- | ipmasq/rules/M70masq.def | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/ipmasq/rules/M70masq.def b/ipmasq/rules/M70masq.def new file mode 100644 index 0000000..8c75509 --- /dev/null +++ b/ipmasq/rules/M70masq.def @@ -0,0 +1,40 @@ +# You should not edit this file. Instead, create a file with the same +# name as this one, but with a .rul extension instead of .def. The +# .rul file will override this one. +# +# However, any changes you make to this file will be preserved. + +#: Masquerade packets from internal networks +if [ -n "$INTERNAL" -a -n "$EXTERNAL" ]; then + for j in $EXTERNAL; do + for i in $INTERNAL; do + ipnm_cache $i + case $MASQMETHOD in + ipfwadm) + $IPFWADM -F -a masq -W ${j%%:*} -S $IPOFIF/$NMOFIF + ;; + ipchains) + if [ -n "$PEEROFIF" ]; then + $IPCHAINS --no-warnings -A forward -j MASQ -i ${j%%:*} -s $PEEROFIF/$NMOFIF + else + $IPCHAINS --no-warnings -A forward -j MASQ -i ${j%%:*} -s $IPOFIF/$NMOFIF + fi + ;; + netfilter) + i=$(echo $i | cut -d ":" -f 1) + j=$(echo $j | cut -d ":" -f 1) + if [ -n "$PEEROFIF" ]; then + $IPTABLES -t nat -A POSTROUTING -s $PEEROFIF/$NMOFIF -o ${j%%:*} -j MASQUERADE + $IPTABLES -A FORWARD -i $i -o ${j%%:*} -s $PEEROFIF/$NMOFIF -j ACCEPT + $IPTABLES -A FORWARD -o $i -i ${j%%:*} -d $PEEROFIF/$NMOFIF -j ACCEPT + else + $IPTABLES -t nat -A POSTROUTING -s $IPOFIF/$NMOFIF -o ${j%%:*} -j MASQUERADE + $IPTABLES -A FORWARD -i $i -o ${j%%:*} -s $IPOFIF/$NMOFIF -j ACCEPT + $IPTABLES -A FORWARD -o $i -i ${j%%:*} -d $IPOFIF/$NMOFIF -j ACCEPT + fi + ;; + esac + done + done +fi + |