From: <kr...@us...> - 2007-03-01 17:46:21
Revision: 681 http://svn.sourceforge.net/astlinux/?rev=681&view=rev Author: krisk84 Date: 2007-03-01 09:46:20 -0800 (Thu, 01 Mar 2007) Log Message: ----------- add MASQPORTS option to astfw Modified Paths: -------------- trunk/package/iptables/astfw trunk/target/generic/target_skeleton/stat/etc/rc.conf Modified: trunk/package/iptables/astfw =================================================================== --- trunk/package/iptables/astfw 2007-03-01 15:36:10 UTC (rev 680) +++ trunk/package/iptables/astfw 2007-03-01 17:46:20 UTC (rev 681) @@ -247,15 +247,31 @@ #turn on NAT (PAT) for everything\everyone else... for i in $EXTIFS do + +if [ "$MASQPORTS" ] +then +iptables -t nat -A POSTROUTING -s $IPBASE.0/$INTNM -o $i -p udp -j MASQUERADE --to-ports $MASQPORTS +iptables -t nat -A POSTROUTING -s $IPBASE.0/$INTNM -o $i -p tcp -j MASQUERADE --to-ports $MASQPORTS +fi iptables -t nat -A POSTROUTING -s $IPBASE.0/$INTNM -o $i -j MASQUERADE if [ "$INT2IF" ] then +if [ "$MASQPORTS" ] +then +iptables -t nat -A POSTROUTING -s $IPBASE.0/$INTNM -o $i -p udp -j MASQUERADE --to-ports $MASQPORTS +iptables -t nat -A POSTROUTING -s $IPBASE.0/$INTNM -o $i -p tcp -j MASQUERADE --to-ports $MASQPORTS +fi iptables -t nat -A POSTROUTING -s $IP2BASE.0/$INT2NM -o $i -j MASQUERADE fi if [ "$INT3IF" ] then +if [ "$MASQPORTS" ] +then +iptables -t nat -A POSTROUTING -s $IPBASE.0/$INTNM -o $i -p udp -j MASQUERADE --to-ports $MASQPORTS +iptables -t nat -A POSTROUTING -s $IPBASE.0/$INTNM -o $i -p tcp -j MASQUERADE --to-ports $MASQPORTS +fi iptables -t nat -A POSTROUTING -s $IP3BASE.0/$INT3NM -o $i -j MASQUERADE fi done Modified: trunk/target/generic/target_skeleton/stat/etc/rc.conf =================================================================== --- trunk/target/generic/target_skeleton/stat/etc/rc.conf 2007-03-01 15:36:10 UTC (rev 680) +++ trunk/target/generic/target_skeleton/stat/etc/rc.conf 2007-03-01 17:46:20 UTC (rev 681) 
@@ -224,6 +224,12 @@ ##t= tcp u= udp #EXTOPEN="t22 u4569" +##MASQPORTS +##By default the Linux kernel will attempt to use the same source and destination port +##for a MASQUERADED connection as long as it is above 1023. This option allows you to +##force TCP and UDP connections to always be natted within the range of ports defined. +#MASQPORTS="30000-60000" + ##Master NTP server. This is the NTP server that AstLinux will sync against ##upon bootup. It is also the server that the running ntpd process will use ##to maintain that time sync. This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
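Review bot: In the astfw hunk, the MASQPORTS rules added inside the INT2IF and INT3IF blocks still match -s $IPBASE.0/$INTNM, so the second and third internal networks never get a --to-ports rule, and the first network's UDP and TCP rules are appended again for each of those interfaces that is configured. They should use $IP2BASE.0/$INT2NM and $IP3BASE.0/$INT3NM, matching the plain MASQUERADE rule that follows each block. $MASQPORTS is also handed to --to-ports unquoted and unchecked; a check before the loop that it is a single port or a low-high range would keep a typo in rc.conf from producing rules that iptables rejects.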
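Review bot: In the rc.conf hunk, the new MASQPORTS comment says the kernel keeps "the same source and destination port", but the rules this option drives in astfw are POSTROUTING MASQUERADE rules, which rewrite only the source side; the comment should say source port. It would also help to state that the value is a low-high range as in the 30000-60000 example, and that only TCP and UDP are forced into the range while other protocols fall through to the plain MASQUERADE rule.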