added to-ports and random option for masquerade helper
parent
85056a0079
commit
cdaf280e53
@ -3242,16 +3242,38 @@ masquerade() {
|
||||
|
||||
set_work_function -ne "Initializing $FUNCNAME"
|
||||
|
||||
local f="${work_outface}"
|
||||
test "${1}" = "reverse" && f="${work_inface}" && shift
|
||||
local f="${work_outface}" ports= random=
|
||||
|
||||
while [ ! -z "${1}" ]
|
||||
do
|
||||
case "${1}" in
|
||||
reverse)
|
||||
f="${work_inface}"
|
||||
shift
|
||||
;;
|
||||
|
||||
ports|to-ports|--to-ports)
|
||||
ports="to-ports ${2}"
|
||||
shift 2
|
||||
;;
|
||||
|
||||
random|--random)
|
||||
random="random"
|
||||
shift
|
||||
;;
|
||||
|
||||
*)
|
||||
test -z "${f}" && f="${1}" && shift
|
||||
break
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
test -z "${f}" && error "masquerade requires an interface set or as argument" && return 1
|
||||
|
||||
set_work_function "Initializing masquerade on interface '${f}'"
|
||||
|
||||
rule noowner table nat chain POSTROUTING "$@" inface any outface "${f}" action MASQUERADE || return 1
|
||||
rule noowner table nat chain POSTROUTING "$@" inface any outface "${f}" action MASQUERADE ${ports} ${random} || return 1
|
||||
|
||||
FIREHOL_NAT=1
|
||||
FIREHOL_ROUTING=1
|
||||
@ -6100,8 +6122,41 @@ rule() {
|
||||
action="NONE"
|
||||
;;
|
||||
|
||||
masquerade|MASQUERADE)
|
||||
action="MASQUERADE"
|
||||
if [ ! "A${table}" = "A-t nat" ]
|
||||
then
|
||||
error "${action} must on a the 'nat' table."
|
||||
return 1
|
||||
fi
|
||||
while [ ! -z "${1}" ]
|
||||
do
|
||||
case "${1}" in
|
||||
ports|to-ports|--to-ports)
|
||||
action_param=( "${action_param[@]}" "--to-ports" "${2//:/-}" )
|
||||
# ports need a protocol: either tcp or udp (or both if unset)
|
||||
test "${proto}" = "any" && proto="tcp udp"
|
||||
shift 2
|
||||
;;
|
||||
|
||||
random|--random)
|
||||
action_param=( "${action_param[@]}" "--random" )
|
||||
shift
|
||||
;;
|
||||
|
||||
*) break
|
||||
;;
|
||||
esac
|
||||
done
|
||||
;;
|
||||
|
||||
snat|SNAT)
|
||||
action="SNAT"
|
||||
if [ ! "A${table}" = "A-t nat" ]
|
||||
then
|
||||
error "${action} must on a the 'nat' table."
|
||||
return 1
|
||||
fi
|
||||
if [ "${1}" = "to" ]
|
||||
then
|
||||
action_param=()
|
||||
@ -6115,15 +6170,15 @@ rule() {
|
||||
error "${action} requires a 'to' argument."
|
||||
return 1
|
||||
fi
|
||||
;;
|
||||
|
||||
dnat|DNAT)
|
||||
action="DNAT"
|
||||
if [ ! "A${table}" = "A-t nat" ]
|
||||
then
|
||||
error "${action} must on a the 'nat' table."
|
||||
return 1
|
||||
fi
|
||||
;;
|
||||
|
||||
dnat|DNAT)
|
||||
action="DNAT"
|
||||
if [ "${1}" = "to" ]
|
||||
then
|
||||
action_param=()
|
||||
@ -6137,11 +6192,6 @@ rule() {
|
||||
error "${action} requires a 'to' argument"
|
||||
return 1
|
||||
fi
|
||||
if [ ! "A${table}" = "A-t nat" ]
|
||||
then
|
||||
error "${action} must on a the 'nat' table."
|
||||
return 1
|
||||
fi
|
||||
;;
|
||||
|
||||
redirect|REDIRECT)
|
||||
|
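Review bot: Both new `ports|to-ports|--to-ports)` branches, the one in masquerade() and the one in the MASQUERADE case of rule(), run `shift 2` without checking that a value follows the keyword. In bash, `shift 2` with only one positional parameter left fails and changes nothing, so `${1}` keeps its value and the enclosing `while [ ! -z "${1}" ]` loop would not terminate when the keyword is the last argument; an empty second argument would instead be passed on as the port value. A guard in the file's own style ahead of each assignment would catch both cases: `test -z "${2}" && error "${1} requires a port or port range" && return 1`. The value is also forwarded to `--to-ports` without a format check, and masquerade() expands `${ports}` unquoted, so a pattern test for `N`, `N-M` or `N:M` would keep malformed input out of the generated NAT rule. Both function bodies extend beyond the hunks shown here.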