summaryrefslogtreecommitdiff
path: root/ipmasq/rules/F50ipsec.rul
blob: 817325a16c8c46f00d94c8a409cc814046a011ac (plain) 
    

  1. #: forward packets between internal and ipsec networks
    2. 

  2. if [ -n "$IPSECCONN" ]; then
    3. 

  3.     for j in $IPSECCONN; do
    4. 

  4.     eval "IPSEC_IF=\$IPSEC_IF_$j"
    5. 

  5.     eval "IPSEC_HERE=\$IPSEC_HERE_$j"
    6. 

  6.     eval "IPSEC_THERE=\$IPSEC_THERE_$j"
    7. 

  7.     for i in $INTERNAL; do
    8. 

  8.         ipnm_cache $i
    9. 

  9.         case $MASQMETHOD in
    10. 

  10.         ipfwadm)
    11. 

  11.         $IPFWADM -F -a accept -b -S $IPOFIF/$NMOFIF -D $IPSEC_THERE
    12. 

  12.         ;;
    13. 

  13.         ipchains)
    14. 

  14.         $IPCHAINS -A forward -b -j ACCEPT -s $IPSEC_HERE -d $IPSEC_THERE
    15. 

  15.         ;;
    16. 

  16.         netfilter)
    17. 

  17.         $IPTABLES -t nat -A POSTROUTING -s $IPSEC_HERE -d $IPSEC_THERE -j ACCEPT
    18. 

  18.         $IPTABLES -A FORWARD -j ACCEPT -s $IPSEC_HERE -d $IPSEC_THERE
    19. 

  19.         $IPTABLES -A FORWARD -j ACCEPT -d $IPSEC_HERE -s $IPSEC_THERE
    20. 

  20. #       $IPTABLES -A FORWARD -j ACCEPT -s $IPOFIF/$NMOFIF -d $IPSEC_THERE
    21. 

  21. #       $IPTABLES -A FORWARD -j ACCEPT -d $IPOFIF/$NMOFIF -s $IPSEC_THERE
    22. 

  22.         ;;
    23. 

  23.         esac
    24. 

  24.     done
    25. 

  25.     done
    26. 

  26. fi
    27.
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-28 06:16:02 +0000