
Merge branch 'devel'

Edvinas Valatka 9 lat temu
rodzic
commit
f555e8983d
1 zmienionych plików z 19 dodań i 9 usunięć
  1. 19 9
      e-router

+ 19 - 9
e-router

@@ -61,18 +61,28 @@ setup_forward() {
     iptables -A FORWARD -i ${eth0} -o ${wan} -j ACCEPT
     while read -r ip public private ; do
         [[ "$ip" =~ ^[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.[0-9]{1,}$ ]] || continue
-        [[ "$public" =~ ^[0-9]{1,}$ ]] || continue
-        [[ "$private" =~ ^[0-9]{1,}$ ]] || continue
-        iptables -A PREROUTING -t nat -i ${wan} -p tcp --dport ${public} -j DNAT --to ${ip}:${private}
-        iptables -A FORWARD -i ${wan} -p tcp --syn -d ${ip} --dport ${private} -m conntrack --ctstate NEW --ctproto TCP -j ACCEPT
+        [[ "$public" =~ ^[0-9]{1,}|[0-9]{1,}:[0-9]{1,}$ ]] || continue
+        [[ "$private" =~ ^[0-9]{1,}|[0-9]{1,}:[0-9]{1,}$ ]] || continue
+        if [[ "$public" =~ ^[0-9]{1,}$ ]] ; then
+            iptables -A PREROUTING -t nat -i ${wan} -p tcp --dport ${public} -j DNAT --to ${ip}:${private}
+            iptables -A FORWARD -i ${wan} -p tcp --syn -d ${ip} --dport ${private} -m conntrack --ctstate NEW --ctproto TCP -j ACCEPT
+        else
+            iptables -A PREROUTING -t nat -i ${wan} -p tcp --dport ${public} -j DNAT --to ${ip}
+            iptables -A FORWARD -i ${wan} -p tcp --syn -d ${ip} --dport ${public} -m conntrack --ctstate NEW --ctproto TCP -j ACCEPT
+        fi
     done < $confd/FORWARD.tcp
 
     while read -r ip public private ; do
         [[ "$ip" =~ ^[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.[0-9]{1,}$ ]] || continue
-        [[ "$public" =~ ^[0-9]{1,}$ ]] || continue
-        [[ "$private" =~ ^[0-9]{1,}$ ]] || continue
-        iptables -A PREROUTING -t nat -i ${wan} -p udp --dport ${public} -j DNAT --to ${ip}:${private}
-        iptables -A FORWARD -i ${wan} -p udp -d ${ip} --dport ${private} -m conntrack --ctstate NEW --ctproto UDP -j ACCEPT
+        [[ "$public" =~ ^[0-9]{1,}|[0-9]{1,}:[0-9]{1,}$ ]] || continue
+        [[ "$private" =~ ^[0-9]{1,}|[0-9]{1,}:[0-9]{1,}$ ]] || continue
+        if [[ "$public" =~ ^[0-9]{1,}$ ]] ; then
+            iptables -A PREROUTING -t nat -i ${wan} -p udp --dport ${public} -j DNAT --to ${ip}:${private}
+            iptables -A FORWARD -i ${wan} -p udp -d ${ip} --dport ${private} -m conntrack --ctstate NEW --ctproto UDP -j ACCEPT
+        else
+            iptables -A PREROUTING -t nat -i ${wan} -p udp --dport ${public} -j DNAT --to ${ip}
+            iptables -A FORWARD -i ${wan} -p udp -d ${ip} --dport ${public} -m conntrack --ctstate NEW --ctproto UDP -j ACCEPT
+        fi
     done < $confd/FORWARD.udp
 
     if $logforward ; then
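Review bot: The new `public`/`private` checks in both the TCP and UDP loops are no longer anchored as a whole: in `^[0-9]{1,}|[0-9]{1,}:[0-9]{1,}$` the `|` splits the pattern into `^[0-9]{1,}` or `[0-9]{1,}:[0-9]{1,}$`, so any value that merely starts with a digit, or ends in `n:n`, passes. Because `private` is the last `read` variable it receives the rest of the line, and it is expanded unquoted into the `iptables` calls, so a malformed or tampered line in `$confd/FORWARD.tcp` or `$confd/FORWARD.udp` can add extra words to a rule instead of being skipped, as the removed `^[0-9]{1,}$` check ensured. Group the alternation, e.g. `[[ "$public" =~ ^[0-9]{1,}(:[0-9]{1,})?$ ]] || continue`, and do the same for `private`. Separately, a single-port `public` with a ranged `private` still reaches `--to ${ip}:${private}`, where DNAT (as far as I know) writes a port range with `-` rather than `:`, so that branch probably wants the strict single-port check on `private`. setup_forward starts before this hunk and continues after it.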
@@ -147,7 +157,7 @@ setup_cast() {
 }
 
 main () {
-   defaultHooks="set_defaults setup_whitenets setup_nat setup_forward setup_base setup_badips setup_white setup_public setup_scanips setup_cast setup_final"
+    defaultHooks="set_defaults setup_whitenets setup_nat setup_forward setup_base setup_badips setup_white setup_public setup_scanips setup_cast setup_final"
     hookarray=(${hooks:-$defaultHooks})
     for hook in "${hookarray[@]}" ; do
         $hook