blob: 8c75509732019b8cf5e78bcccfc972da4a6b301f (
plain)
- # You should not edit this file. Instead, create a file with the same
- # name as this one, but with a .rul extension instead of .def. The
- # .rul file will override this one.
- #
- # However, any changes you make to this file will be preserved.
- #: Masquerade packets from internal networks
- if [ -n "$INTERNAL" -a -n "$EXTERNAL" ]; then
- for j in $EXTERNAL; do
- for i in $INTERNAL; do
- ipnm_cache $i
- case $MASQMETHOD in
- ipfwadm)
- $IPFWADM -F -a masq -W ${j%%:*} -S $IPOFIF/$NMOFIF
- ;;
- ipchains)
- if [ -n "$PEEROFIF" ]; then
- $IPCHAINS --no-warnings -A forward -j MASQ -i ${j%%:*} -s $PEEROFIF/$NMOFIF
- else
- $IPCHAINS --no-warnings -A forward -j MASQ -i ${j%%:*} -s $IPOFIF/$NMOFIF
- fi
- ;;
- netfilter)
- i=$(echo $i | cut -d ":" -f 1)
- j=$(echo $j | cut -d ":" -f 1)
- if [ -n "$PEEROFIF" ]; then
- $IPTABLES -t nat -A POSTROUTING -s $PEEROFIF/$NMOFIF -o ${j%%:*} -j MASQUERADE
- $IPTABLES -A FORWARD -i $i -o ${j%%:*} -s $PEEROFIF/$NMOFIF -j ACCEPT
- $IPTABLES -A FORWARD -o $i -i ${j%%:*} -d $PEEROFIF/$NMOFIF -j ACCEPT
- else
- $IPTABLES -t nat -A POSTROUTING -s $IPOFIF/$NMOFIF -o ${j%%:*} -j MASQUERADE
- $IPTABLES -A FORWARD -i $i -o ${j%%:*} -s $IPOFIF/$NMOFIF -j ACCEPT
- $IPTABLES -A FORWARD -o $i -i ${j%%:*} -d $IPOFIF/$NMOFIF -j ACCEPT
- fi
- ;;
- esac
- done
- done
- fi
|
