extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-02-13 16:30:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow creation of an alias label when ADD_IP_ALIASE=Yes

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@414 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2003-01-24 19:42:23 +00:00
parent 896c5743ba
commit 43cc73ef47
2 changed files with 23 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
Shorewall/firewall
View File

@ -1708,8 +1708,11 @@ setup_nat() {
while read external interface internal allints localnat; do while read external interface internal allints localnat; do
expandv external interface internal allints localnat expandv external interface internal allints localnat
iface=${interface%:*}
if [ -n "$ADD_IP_ALIASES" ]; then if [ -n "$ADD_IP_ALIASES" ]; then
qt ip addr del $external dev $interface qt ip addr del $external dev $iface
fi fi
if [ -z "$allints" -o "$allints" = "Yes" -o "$allints" = "yes" ] if [ -z "$allints" -o "$allints" = "Yes" -o "$allints" = "yes" ]
@ -1722,9 +1725,9 @@ setup_nat() {
-j DNAT --to-destination $internal -j DNAT --to-destination $internal
fi fi
else else
addnatrule `input_chain $interface` \ addnatrule `input_chain $iface` \
-d $external -j DNAT --to-destination $internal -d $external -j DNAT --to-destination $internal
addnatrule `output_chain $interface` \ addnatrule `output_chain $iface` \
-s $internal -j SNAT --to-source $external -s $internal -j SNAT --to-source $external
fi fi
@ -3219,9 +3222,10 @@ add_ip_aliases()
val=${val%% scope*} val=${val%% scope*}
fi fi
run_ip addr add ${external}${val} dev $interface run_ip addr add ${external}${val} dev $interface $label
echo "$external $interface" >> ${STATEDIR}/nat echo "$external $interface" >> ${STATEDIR}/nat
echo " IP Address $external added to interface $interface" [ -n "$label" ] && label="with $label"
echo " IP Address $external added to interface $interface $label"
} }
set -- $aliases_to_add set -- $aliases_to_add
@ -3229,6 +3233,14 @@ add_ip_aliases()
while [ $# -gt 0 ]; do while [ $# -gt 0 ]; do
external=$1 external=$1
interface=$2 interface=$2
label=
if [ "$interface" != "${interface%:*}" ]; then
label="${interface#*:}"
interface="${interface%:*}"
label="label $interface:$label"
fi
primary=`find_interface_address $interface` primary=`find_interface_address $interface`
shift;shift shift;shift
[ "x${primary}" = "x${external}" ] || do_one [ "x${primary}" = "x${external}" ] || do_one

8
Shorewall/nat
View File

@ -16,7 +16,11 @@
# IP address of the interface named in the next # IP address of the interface named in the next
# column and must not be a DNS Name. # column and must not be a DNS Name.
# INTERFACE Interface that we want to EXTERNAL address to appear # INTERFACE Interface that we want to EXTERNAL address to appear
# on # on. If ADD_IP_ALIASES=Yes in shorewall.conf, you may
# follow the interface name with ":" and a digit to
# indicate that you want Shorewall to add the alias
# with this name (e.g., "eth0:0"). That allows you to
# see the alias with ifconfig.
# INTERNAL Internal Address (must not be a DNS Name). # INTERNAL Internal Address (must not be a DNS Name).
# ALL INTERFACES If Yes or yes (or left empty), NAT will be effective # ALL INTERFACES If Yes or yes (or left empty), NAT will be effective
# from all hosts. If No or no then NAT will be effective # from all hosts. If No or no then NAT will be effective
@ -26,5 +30,5 @@
# Yes or yes, NAT will be effective from the firewall # Yes or yes, NAT will be effective from the firewall
# system # system
############################################################################## ##############################################################################
#EXTERNAL INTERFACE INTERNAL ALL INTERFACES LOCAL #EXTERNAL INTERFACE INTERNAL ALL INTERFACES LOCAL
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE