extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-15 04:04:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix RETAIN_ALIASES=Yes behavior; only 'detect' first address for SNAT

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6149 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-29 14:28:11 +00:00
parent 8c497548ca
commit ecbd719bef
3 changed files with 8 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Shorewall-perl/Shorewall/Chains.pm
View File

@ -105,6 +105,7 @@ our @EXPORT = qw( STANDARD
expand_rule
addnatjump
insertnatjump
get_interface_address
get_interface_addresses
create_netfilter_load

10
Shorewall-perl/Shorewall/Nat.pm
View File

@ -185,17 +185,13 @@ sub setup_one_masq($$$$$$)
$target .= "--to $addr ";
}
} elsif ( $addresses eq 'detect' ) {
add_commands( $chainref ,
'addrlist=',
join( '', 'for address in ' , get_interface_addresses( $interface ), '; do' ),
' addrlist="$addrlist --to-source $address"',
'done' );
$target = '-j SNAT $addrlist';
my $variable = get_interface_address $interface;
$target = "-j SNAT --to-source $variable";
if ( interface_is_optional $interface ) {
add_commands( $chainref,
'',
'if [ -n "$addrlist" ]; then' );
"if [ \"$variable\" != 0.0.0.0 ]; then" );
push_cmd_mode( $chainref );
$detectaddress = 1;
}

10
Shorewall-perl/compiler.pl
View File

@ -529,16 +529,14 @@ sub generate_script_2 () {
''
);
if ( $capabilities{NAT_ENABLED} && ! $config{RETAIN_ALIASES} ) {
emitj( '',
'if [ -f ${VARDIR}/nat ]; then',
if ( $capabilities{NAT_ENABLED} ) {
emitj( 'if [ -f ${VARDIR}/nat ]; then',
' while read external interface; do',
' del_ip_addr $external $interface',
' done < ${VARDIR}/nat',
'',
' rm -f ${VARDIR}/nat',
'fi',
'' );
"fi\n" );
}
emit "delete_tc1\n" if $config{CLEAR_TC};
@ -571,7 +569,7 @@ sub generate_script_3() {
dump_zone_contents;
emit_unindented '__EOF__';
emit '> ${VARDIR}/nat' unless $config{RETAIN_ALIASES};
emit '> ${VARDIR}/nat';
add_addresses;