free
/
freedombone
Tarkkaile 1
Äänestä 0
Fork 0
Koodi Ongelmat 0 Pull-pyynnöt 0 Julkaisut 0 Wiki Activity
Selaa lähdekoodia

Store ip address used for forwarding

Bob Mottram 8 vuotta sitten
vanhempi
01c182b668
commit
29671b04ad
1 muutettua tiedostoa jossa 14 lisäystä ja 8 poistoa
Jaettu näkymä Näytä diff tilastot
  1. 14
    8
      src/freedombone-utils-firewall

+ 14
- 8
src/freedombone-utils-firewall Näytä tiedosto 

@@ -110,24 +110,30 @@ function enable_ipv6 {
110 110 
 }
111 111
112 112 
 function firewall_deny_forwarding {
113 
-    iptables -D INPUT -i $FIREWALL_EIFACE -m state --state NEW -p udp --dport 1194 -j ACCEPT
113 
+    read_config_param CURRENT_IPV4_ADDRESS
114 
+    if [ ! $CURRENT_IPV4_ADDRESS ]; then
115 
+        return
116 
+    fi
117 
+    iptables -D INPUT -i ${FIREWALL_EIFACE} -m state --state NEW -p udp --dport 1194 -j ACCEPT
114 118 
     iptables -D INPUT -i tun+ -j ACCEPT
115 119 
     iptables -D FORWARD -i tun+ -j ACCEPT
116 
-    iptables -D FORWARD -i tun+ -o $FIREWALL_EIFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
117 
-    iptables -D FORWARD -i $FIREWALL_EIFACE -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
118 
-    iptables -t nat -D POSTROUTING -s $(get_ipv4_address)/24 -o $FIREWALL_EIFACE -j MASQUERADE
120 
+    iptables -D FORWARD -i tun+ -o ${FIREWALL_EIFACE} -m state --state RELATED,ESTABLISHED -j ACCEPT
121 
+    iptables -D FORWARD -i ${FIREWALL_EIFACE} -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
122 
+    iptables -t nat -D POSTROUTING -s ${CURRENT_IPV4_ADDRESS}/24 -o ${FIREWALL_EIFACE} -j MASQUERADE
119 123 
     iptables -D OUTPUT -o tun+ -j ACCEPT
120 124 
     save_firewall_settings
121 125 
 }
122 126
123 127 
 function firewall_allow_forwarding {
124 
-    iptables -A INPUT -i $FIREWALL_EIFACE -m state --state NEW -p udp --dport 1194 -j ACCEPT
128 
+    curr_ipv4_address=$(get_ipv4_address)
129 
+    iptables -A INPUT -i ${FIREWALL_EIFACE} -m state --state NEW -p udp --dport 1194 -j ACCEPT
125 130 
     iptables -A INPUT -i tun+ -j ACCEPT
126 131 
     iptables -A FORWARD -i tun+ -j ACCEPT
127 
-    iptables -A FORWARD -i tun+ -o $FIREWALL_EIFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
128 
-    iptables -A FORWARD -i $FIREWALL_EIFACE -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
129 
-    iptables -t nat -A POSTROUTING -s $(get_ipv4_address)/24 -o $FIREWALL_EIFACE -j MASQUERADE
132 
+    iptables -A FORWARD -i tun+ -o ${FIREWALL_EIFACE} -m state --state RELATED,ESTABLISHED -j ACCEPT
133 
+    iptables -A FORWARD -i ${FIREWALL_EIFACE} -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
134 
+    iptables -t nat -A POSTROUTING -s ${curr_ipv4_address}/24 -o ${FIREWALL_EIFACE} -j MASQUERADE
130 135 
     iptables -A OUTPUT -o tun+ -j ACCEPT
136 
+    write_config_param CURRENT_IPV4_ADDRESS "$curr_ipv4_address"
131 137 
     save_firewall_settings
132 138 
 }
133 139