|
@@ -39,8 +39,6 @@ droplog() {
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
forward() {
|
|
forward() {
|
|
|
- ${iptables} -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
|
|
|
|
|
- ${iptables} -A FORWARD -i ${eth0} -o ${wan} -j ACCEPT
|
|
|
|
|
while read -r ip public private ; do
|
|
while read -r ip public private ; do
|
|
|
[[ "$ip" =~ ^[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.[0-9]{1,}$ ]] || continue
|
|
[[ "$ip" =~ ^[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.[0-9]{1,}$ ]] || continue
|
|
|
[[ "$public" =~ ^[0-9]{1,}|[0-9]{1,}:[0-9]{1,}$ ]] || continue
|
|
[[ "$public" =~ ^[0-9]{1,}|[0-9]{1,}:[0-9]{1,}$ ]] || continue
|
|
@@ -76,6 +74,8 @@ forward() {
|
|
|
lan() {
|
|
lan() {
|
|
|
${iptables} -A INPUT -i ${eth0} -j ACCEPT
|
|
${iptables} -A INPUT -i ${eth0} -j ACCEPT
|
|
|
${iptables} -t nat -A POSTROUTING -o ${wan} -s ${locnet} -j MASQUERADE
|
|
${iptables} -t nat -A POSTROUTING -o ${wan} -s ${locnet} -j MASQUERADE
|
|
|
|
|
+ ${iptables} -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
|
|
|
|
|
+ ${iptables} -A FORWARD -i ${eth0} -o ${wan} -j ACCEPT
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
whitenets() {
|
|
whitenets() {
|
