mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-25 09:03:30 +01:00
Improve handling of PREROUTING for NAT
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@102 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
750d40ce03
commit
338673c29a
@ -1206,7 +1206,7 @@ setup_nat() {
|
||||
-j DNAT --to-destination $internal
|
||||
fi
|
||||
else
|
||||
run_iptables -t nat -A PREROUTING -i $interface \
|
||||
addnatrule `input_chain $interface` \
|
||||
-d $external -j DNAT --to-destination $internal
|
||||
run_iptables -t nat -A POSTROUTING -o $interface \
|
||||
-s $internal -j SNAT --to-source $external
|
||||
@ -2843,6 +2843,13 @@ activate_rules() {
|
||||
|
||||
multi_interfaces=`find_interfaces_by_option multi`
|
||||
|
||||
for interface in $all_interfaces; do
|
||||
chain=`input_chain $interface`
|
||||
|
||||
havenatchain $chain && \
|
||||
run_iptables -t nat -A PREROUTING -i $interface -j $chain
|
||||
done
|
||||
|
||||
for zone in $zones; do
|
||||
eval source_hosts=\$${zone}_hosts
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user