iptables: add a PREROUTING rule so we can proxy for other machines too.

If you run sshuttle on a router, it can handle vpn'ing for all the boxes on your network.
2025-01-16 19:09:01 +01:00 · 2010-05-02 02:00:19 -04:00 · 2010-05-02 02:00:19 -04:00 · a244b325cb
commit a244b325cb
parent 10069f99e2
1 changed files with 2 additions and 0 deletions
--- a/iptables.py
+++ b/iptables.py
@ -44,6 +44,7 @@ def main(port, subnets):
    # basic cleanup/setup of chains
    if chain_exists(chain):
        ipt('-D', 'OUTPUT', '-j', chain)
+        ipt('-D', 'PREROUTING', '-j', chain)
        ipt('-F', chain)
        ipt('-X', chain)

@ -51,6 +52,7 @@ def main(port, subnets):
        ipt('-N', chain)
        ipt('-F', chain)
        ipt('-I', 'OUTPUT', '1', '-j', chain)
+        ipt('-I', 'PREROUTING', '1', '-j', chain)

        # create new subnet entries
        for snet,swidth in subnets: