From 43cc73ef47b46bf0616b71e36ab39b33b4b13336 Mon Sep 17 00:00:00 2001 From: teastep Date: Fri, 24 Jan 2003 19:42:23 +0000 Subject: [PATCH] Allow creation of an alias label when ADD_IP_ALIASE=Yes git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@414 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/firewall | 22 +++++++++++++++++----- Shorewall/nat | 8 ++++++-- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/Shorewall/firewall b/Shorewall/firewall index 531a3a228..4dbcf6e69 100755 --- a/Shorewall/firewall +++ b/Shorewall/firewall @@ -1708,8 +1708,11 @@ setup_nat() { while read external interface internal allints localnat; do expandv external interface internal allints localnat + + iface=${interface%:*} + if [ -n "$ADD_IP_ALIASES" ]; then - qt ip addr del $external dev $interface + qt ip addr del $external dev $iface fi if [ -z "$allints" -o "$allints" = "Yes" -o "$allints" = "yes" ] @@ -1722,9 +1725,9 @@ setup_nat() { -j DNAT --to-destination $internal fi else - addnatrule `input_chain $interface` \ + addnatrule `input_chain $iface` \ -d $external -j DNAT --to-destination $internal - addnatrule `output_chain $interface` \ + addnatrule `output_chain $iface` \ -s $internal -j SNAT --to-source $external fi @@ -3219,9 +3222,10 @@ add_ip_aliases() val=${val%% scope*} fi - run_ip addr add ${external}${val} dev $interface + run_ip addr add ${external}${val} dev $interface $label echo "$external $interface" >> ${STATEDIR}/nat - echo " IP Address $external added to interface $interface" + [ -n "$label" ] && label="with $label" + echo " IP Address $external added to interface $interface $label" } set -- $aliases_to_add @@ -3229,6 +3233,14 @@ add_ip_aliases() while [ $# -gt 0 ]; do external=$1 interface=$2 + label= + + if [ "$interface" != "${interface%:*}" ]; then + label="${interface#*:}" + interface="${interface%:*}" + label="label $interface:$label" + fi + primary=`find_interface_address $interface` shift;shift [ "x${primary}" = "x${external}" ] || do_one diff --git a/Shorewall/nat b/Shorewall/nat index 7b6ba5b20..71eeac0c9 100755 --- a/Shorewall/nat +++ b/Shorewall/nat @@ -16,7 +16,11 @@ # IP address of the interface named in the next # column and must not be a DNS Name. # INTERFACE Interface that we want to EXTERNAL address to appear -# on +# on. If ADD_IP_ALIASES=Yes in shorewall.conf, you may +# follow the interface name with ":" and a digit to +# indicate that you want Shorewall to add the alias +# with this name (e.g., "eth0:0"). That allows you to +# see the alias with ifconfig. # INTERNAL Internal Address (must not be a DNS Name). # ALL INTERFACES If Yes or yes (or left empty), NAT will be effective # from all hosts. If No or no then NAT will be effective @@ -26,5 +30,5 @@ # Yes or yes, NAT will be effective from the firewall # system ############################################################################## -#EXTERNAL INTERFACE INTERNAL ALL INTERFACES LOCAL +#EXTERNAL INTERFACE INTERNAL ALL INTERFACES LOCAL #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE