From: Steven Barth Date: Mon, 28 Apr 2008 07:15:16 +0000 (+0000) Subject: * Corrected Freifunk NAT rules X-Git-Tag: 0.8.0~1089 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=5266a8c01c29bd371afa32dbb1354e0ea3e76045;p=project%2Fluci.git * Corrected Freifunk NAT rules --- diff --git a/contrib/package/ffluci-splash/src/luci_splash.init b/contrib/package/ffluci-splash/src/luci_splash.init index bce432ed30..20f7865fd4 100644 --- a/contrib/package/ffluci-splash/src/luci_splash.init +++ b/contrib/package/ffluci-splash/src/luci_splash.init @@ -19,8 +19,8 @@ iface_add() { eval "$(ipcalc.sh $ipaddr $netmask)" - iptables -t nat -A luci_splash -i "$iface" -s "$IP/$PREFIX" -j luci_splash_portal - iptables -t nat -A luci_splash_portal -i "$iface" -s "$IP/$PREFIX" -d "$ipaddr" -p tcp -m multiport --dports 22,80,443 -j RETURN + iptables -t nat -A luci_splash -i "$iface" -s "$NETWORK/$PREFIX" -j luci_splash_portal + iptables -t nat -A luci_splash_portal -i "$iface" -s "$NETWORK/$PREFIX" -d "$ipaddr" -p tcp -m multiport --dports 22,80,443 -j RETURN } blacklist_add() { diff --git a/module/admin-core/contrib/init.d/luci_freifunk b/module/admin-core/contrib/init.d/luci_freifunk index dbb346f0eb..6b18e14425 100644 --- a/module/admin-core/contrib/init.d/luci_freifunk +++ b/module/admin-core/contrib/init.d/luci_freifunk @@ -29,14 +29,24 @@ start() { ### Lan to Freifunk [ -n "$lanif" ] && { + config_get ipaddr lan ipaddr + config_get netmask lan netmask + + eval "$(ipcalc.sh $ipaddr $netmask)" + iptables -A forwarding_rule -i "$lanif" -o "$ffif" -j ACCEPT - iptables -t nat -A postrouting_rule -i "$lanif" -o "$ffif" -j MASQUERADE + iptables -t nat -A postrouting_rule -s "$NETWORK/$PREFIX" -o "$ffif" -j MASQUERADE } ### Freifunk to Wan [ "$internet" -gt 0 ] && { + config_get ipaddr ff ipaddr + config_get netmask ff netmask + + eval "$(ipcalc.sh $ipaddr $netmask)" + iptables -A forwarding_rule -i "$ffif" -o "$wanif" -j ACCEPT - iptables -t nat -A postrouting_rule -i "$ffif" -o "$wanif" -j MASQUERADE + iptables -t nat -A postrouting_rule -s "$NETWORK/$PREFIX" -o "$wanif" -j MASQUERADE } }