projects
/
openwrt.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
firewall: allow local redirection of ports
[openwrt.git]
/
package
/
firewall
/
files
/
lib
/
core_redirect.sh
diff --git
a/package/firewall/files/lib/core_redirect.sh
b/package/firewall/files/lib/core_redirect.sh
index
9654e71
..
64c619e
100644
(file)
--- a/
package/firewall/files/lib/core_redirect.sh
+++ b/
package/firewall/files/lib/core_redirect.sh
@@
-34,7
+34,7
@@
fw_load_redirect() {
return 0
}
return 0
}
- fwdchain="zone_${redirect_src}
_forward
"
+ fwdchain="zone_${redirect_src}
${redirect_dest_ip:+_forward}
"
natopt="--to-destination"
natchain="zone_${redirect_src}_prerouting"
natopt="--to-destination"
natchain="zone_${redirect_src}_prerouting"
@@
-88,7
+88,10
@@
fw_load_redirect() {
[ "$redirect_proto" == "tcpudp" ] && redirect_proto="tcp udp"
for redirect_proto in $redirect_proto; do
[ "$redirect_proto" == "tcpudp" ] && redirect_proto="tcp udp"
for redirect_proto in $redirect_proto; do
- fw add $mode n $natchain $redirect_target ^ { $redirect_src_ip $redirect_dest_ip } { \
+ local pos
+ eval 'pos=$((++FW__REDIR_COUNT_'${mode#G}'_'$natchain'))'
+
+ fw add $mode n $natchain $redirect_target $pos { $redirect_src_ip $redirect_dest_ip } { \
$srcaddr $srcdaddr \
${redirect_proto:+-p $redirect_proto} \
${srcports:+--sport $srcports} \
$srcaddr $srcdaddr \
${redirect_proto:+-p $redirect_proto} \
${srcports:+--sport $srcports} \
@@
-97,9
+100,8
@@
fw_load_redirect() {
$natopt $nataddr${natports:+:$natports} \
}
$natopt $nataddr${natports:+:$natports} \
}
- [ -n "$destaddr" ] && \
fw add $mode f ${fwdchain:-forward} ACCEPT ^ { $redirect_src_ip $redirect_dest_ip } { \
fw add $mode f ${fwdchain:-forward} ACCEPT ^ { $redirect_src_ip $redirect_dest_ip } { \
- $srcaddr $
destaddr
\
+ $srcaddr $
{destaddr:--m conntrack --ctstate DNAT}
\
${redirect_proto:+-p $redirect_proto} \
${srcports:+--sport $srcports} \
${destports:+--dport $destports} \
${redirect_proto:+-p $redirect_proto} \
${srcports:+--sport $srcports} \
${destports:+--dport $destports} \
This page took
0.021322 seconds
and
4
git commands to generate.