miniupnpd: Add options for netfilter scripts
This commit is contained in:
parent
a4af4a66b2
commit
82ec7bc3df
|
@ -186,6 +186,7 @@ clean:
|
|||
install: miniupnpd miniupnpd.8 miniupnpd.conf genuuid \
|
||||
netfilter/iptables_init.sh netfilter/iptables_removeall.sh \
|
||||
netfilter/ip6tables_init.sh netfilter/ip6tables_removeall.sh \
|
||||
netfilter/miniupnpd_functions.sh \
|
||||
linux/miniupnpd.init.d.script
|
||||
$(STRIP) miniupnpd
|
||||
$(INSTALL) -d $(DESTDIR)$(SBININSTALLDIR)
|
||||
|
@ -195,6 +196,7 @@ install: miniupnpd miniupnpd.8 miniupnpd.conf genuuid \
|
|||
$(INSTALL) netfilter/iptables_removeall.sh $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) netfilter/ip6tables_init.sh $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) netfilter/ip6tables_removeall.sh $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) netfilter/miniupnpd_functions.sh $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) --mode=0644 -b miniupnpd.conf $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) -d $(DESTDIR)$(PREFIX)/etc/init.d
|
||||
$(INSTALL) linux/miniupnpd.init.d.script $(DESTDIR)$(PREFIX)/etc/init.d/miniupnpd
|
||||
|
|
|
@ -20,7 +20,7 @@ CFLAGS = -O -g #-DDEBUG
|
|||
CFLAGS ?= -Os
|
||||
CFLAGS += -fno-strict-aliasing
|
||||
CFLAGS += -fno-common
|
||||
CPPFLAGS += -D_GNU_SOURCE
|
||||
CPPFLAGS += -D_GNU_SOURCE
|
||||
CFLAGS += -Wall
|
||||
CFLAGS += -Wextra -Wstrict-prototypes -Wdeclaration-after-statement
|
||||
#CFLAGS += -Wno-missing-field-initializers
|
||||
|
@ -96,6 +96,7 @@ clean:
|
|||
install: miniupnpd miniupnpd.8 miniupnpd.conf genuuid \
|
||||
netfilter/iptables_init.sh netfilter/iptables_removeall.sh \
|
||||
netfilter/ip6tables_init.sh netfilter/ip6tables_removeall.sh \
|
||||
netfilter/miniupnpd_functions.sh \
|
||||
linux/miniupnpd.init.d.script
|
||||
$(STRIP) miniupnpd
|
||||
$(INSTALL) -d $(DESTDIR)$(SBININSTALLDIR)
|
||||
|
@ -105,6 +106,7 @@ install: miniupnpd miniupnpd.8 miniupnpd.conf genuuid \
|
|||
$(INSTALL) netfilter/iptables_removeall.sh $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) netfilter/ip6tables_init.sh $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) netfilter/ip6tables_removeall.sh $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) netfilter/miniupnpd_functions.sh $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) --mode=0644 -b miniupnpd.conf $(DESTDIR)$(ETCINSTALLDIR)
|
||||
$(INSTALL) -d $(DESTDIR)$(PREFIX)/etc/init.d
|
||||
$(INSTALL) linux/miniupnpd.init.d.script $(DESTDIR)$(PREFIX)/etc/init.d/miniupnpd
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
#! /bin/sh
|
||||
# $Id: ip6tables_display.sh,v 1.1 2012/04/24 22:13:41 nanard Exp $
|
||||
IPTABLES=/sbin/ip6tables
|
||||
|
||||
IPV6=1
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
#display all chains relative to miniupnpd
|
||||
$IPTABLES -v -n -t filter -L FORWARD
|
||||
$IPTABLES -v -n -t filter -L MINIUPNPD
|
||||
|
||||
$IPTABLES -v -n -t filter -L $CHAIN
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
#! /bin/sh
|
||||
# $Id: ip6tables_flush.sh,v 1.1 2012/04/24 22:13:41 nanard Exp $
|
||||
IPTABLES=/sbin/ip6tables
|
||||
|
||||
IPV6=1
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
#flush all rules owned by miniupnpd
|
||||
$IPTABLES -t filter -F MINIUPNPD
|
||||
|
||||
$IPTABLES -t filter -F $CHAIN
|
||||
|
|
|
@ -1,12 +1,22 @@
|
|||
#! /bin/sh
|
||||
# $Id: ip6tables_init.sh,v 1.1 2012/04/24 22:13:41 nanard Exp $
|
||||
IPTABLES=/sbin/ip6tables
|
||||
# $Id: ip6tables_init_and_clean.sh,v 1.1 2012/04/24 22:13:41 nanard Exp $
|
||||
# Improved Miniupnpd iptables init script.
|
||||
# Checks for state of filter before doing anything..
|
||||
|
||||
#change this parameters :
|
||||
EXTIF=eth0
|
||||
|
||||
#adding the MINIUPNPD chain for filter
|
||||
$IPTABLES -t filter -N MINIUPNPD
|
||||
#adding the rule to MINIUPNPD
|
||||
$IPTABLES -t filter -A FORWARD -i $EXTIF ! -o $EXTIF -j MINIUPNPD
|
||||
IPV6=1
|
||||
EXT=1
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
if [ "$FDIRTY" = "${CHAIN}Chain" ]; then
|
||||
echo "Filter table dirty; Cleaning..."
|
||||
elif [ "$FDIRTY" = "Chain" ]; then
|
||||
echo "Dirty filter chain but no reference..? Fixing..."
|
||||
$IPTABLES -t filter -A FORWARD -i $EXTIF ! -o $EXTIF -j $CHAIN
|
||||
else
|
||||
echo "Filter table clean..initalizing.."
|
||||
$IPTABLES -t filter -N $CHAIN
|
||||
$IPTABLES -t filter -A FORWARD -i $EXTIF ! -o $EXTIF -j $CHAIN
|
||||
fi
|
||||
if [ "$CLEAN" = "yes" ]; then
|
||||
$IPTABLES -t filter -F $CHAIN
|
||||
fi
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
#! /bin/sh
|
||||
# $Id: ip6tables_init_and_clean.sh,v 1.1 2012/04/24 22:13:41 nanard Exp $
|
||||
# Improved Miniupnpd iptables init script.
|
||||
# Checks for state of filter before doing anything..
|
||||
|
||||
EXTIF=eth0
|
||||
IPTABLES=/sbin/ip6tables
|
||||
FDIRTY="`LC_ALL=C /sbin/ip6tables -t filter -L -n | grep 'MINIUPNPD' | awk '{printf $1}'`"
|
||||
|
||||
if [[ $FDIRTY = "MINIUPNPDChain" ]]; then
|
||||
echo "Filter table dirty; Cleaning..."
|
||||
$IPTABLES -t filter -F MINIUPNPD
|
||||
elif [[ $FDIRTY = "Chain" ]]; then
|
||||
echo "Dirty filter chain but no reference..? Fixsted."
|
||||
$IPTABLES -t filter -I FORWARD 4 -i $EXTIF ! -o $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t filter -F MINIUPNPD
|
||||
else
|
||||
echo "Filter table clean..initalizing.."
|
||||
$IPTABLES -t filter -N MINIUPNPD
|
||||
$IPTABLES -t filter -I FORWARD 4 -i $EXTIF ! -o $EXTIF -j MINIUPNPD
|
||||
fi
|
||||
|
|
@ -1,13 +1,16 @@
|
|||
#! /bin/sh
|
||||
# $Id: ip6tables_removeall.sh,v 1.1 2012/04/24 22:13:41 nanard Exp $
|
||||
IPTABLES=/sbin/ip6tables
|
||||
|
||||
#change this parameters :
|
||||
EXTIF=eth0
|
||||
IPV6=1
|
||||
EXT=1
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
#removing the MINIUPNPD chain for filter
|
||||
$IPTABLES -t filter -F MINIUPNPD
|
||||
#adding the rule to MINIUPNPD
|
||||
$IPTABLES -t filter -D FORWARD -i $EXTIF ! -o $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t filter -X MINIUPNPD
|
||||
|
||||
if [ "$FDIRTY" = "${CHAIN}Chain" ]; then
|
||||
$IPTABLES -t filter -F $CHAIN
|
||||
$IPTABLES -t filter -D FORWARD -i $EXTIF ! -o $EXTIF -j $CHAIN
|
||||
$IPTABLES -t filter -X $CHAIN
|
||||
elif [ "$FDIRTY" = "Chain" ]; then
|
||||
$IPTABLES -t filter -F $CHAIN
|
||||
$IPTABLES -t filter -X $CHAIN
|
||||
fi
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
#! /bin/sh
|
||||
# $Id: iptables_display.sh,v 1.4 2011/05/16 12:11:37 nanard Exp $
|
||||
IPTABLES=/sbin/iptables
|
||||
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
#display all chains relative to miniupnpd
|
||||
$IPTABLES -v -n -t nat -L PREROUTING
|
||||
$IPTABLES -v -n -t nat -L MINIUPNPD
|
||||
$IPTABLES -v -n -t nat -L $CHAIN
|
||||
$IPTABLES -v -n -t nat -L POSTROUTING
|
||||
$IPTABLES -v -n -t nat -L MINIUPNPD-POSTROUTING
|
||||
$IPTABLES -v -n -t nat -L $CHAIN-POSTROUTING
|
||||
$IPTABLES -v -n -t mangle -L PREROUTING
|
||||
$IPTABLES -v -n -t mangle -L MINIUPNPD
|
||||
$IPTABLES -v -n -t mangle -L $CHAIN
|
||||
$IPTABLES -v -n -t filter -L FORWARD
|
||||
$IPTABLES -v -n -t filter -L MINIUPNPD
|
||||
|
||||
$IPTABLES -v -n -t filter -L $CHAIN
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
#! /bin/sh
|
||||
# $Id: iptables_display.sh,v 1.6 2016/02/09 09:37:44 nanard Exp $
|
||||
IPTABLES=/sbin/iptables
|
||||
# $Id: iptables_display_miniupnpd.sh,v 1.1 2016/02/12 15:23:29 nanard Exp $
|
||||
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
#display miniupnpd chains
|
||||
$IPTABLES -v -n -t nat -L MINIUPNPD
|
||||
$IPTABLES -v -n -t nat -L MINIUPNPD-POSTROUTING
|
||||
$IPTABLES -v -n -t mangle -L MINIUPNPD
|
||||
$IPTABLES -v -n -t filter -L MINIUPNPD
|
||||
|
||||
$IPTABLES -v -n -t nat -L $CHAIN
|
||||
$IPTABLES -v -n -t nat -L $CHAIN-POSTROUTING
|
||||
$IPTABLES -v -n -t mangle -L $CHAIN
|
||||
$IPTABLES -v -n -t filter -L $CHAIN
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
#! /bin/sh
|
||||
# $Id: iptables_flush.sh,v 1.3 2011/05/16 12:11:37 nanard Exp $
|
||||
IPTABLES=/sbin/iptables
|
||||
# $Id: iptables_flush.sh,v 1.6 2017/04/21 11:16:09 nanard Exp $
|
||||
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
#flush all rules owned by miniupnpd
|
||||
$IPTABLES -t nat -F MINIUPNPD
|
||||
$IPTABLES -t nat -F MINIUPNPD-POSTROUTING
|
||||
$IPTABLES -t filter -F MINIUPNPD
|
||||
$IPTABLES -t mangle -F MINIUPNPD
|
||||
|
||||
$IPTABLES -t nat -F $CHAIN
|
||||
$IPTABLES -t nat -F $CHAIN-POSTROUTING
|
||||
$IPTABLES -t filter -F $CHAIN
|
||||
$IPTABLES -t mangle -F $CHAIN
|
||||
|
|
|
@ -1,31 +1,37 @@
|
|||
#! /bin/sh
|
||||
# $Id: iptables_init.sh,v 1.5 2011/05/16 12:11:37 nanard Exp $
|
||||
IPTABLES="`which iptables`" || exit 1
|
||||
IPTABLES="$IPTABLES -w"
|
||||
IP="`which ip`" || exit 1
|
||||
# $Id: iptables_init_and_clean.sh,v 1.7 2017/04/21 11:16:09 nanard Exp $
|
||||
# Improved Miniupnpd iptables init script.
|
||||
# Checks for state of filter before doing anything..
|
||||
|
||||
#change this parameters :
|
||||
#EXTIF=eth0
|
||||
EXTIF="`LC_ALL=C $IP -4 route | grep 'default' | sed -e 's/.*dev[[:space:]]*//' -e 's/[[:space:]].*//'`" || exit 1
|
||||
EXTIP="`LC_ALL=C $IP -4 addr show $EXTIF | awk '/inet/ { print $2 }' | cut -d "/" -f 1`"
|
||||
EXT=1
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
echo "External IP = $EXTIP"
|
||||
if [ "$NDIRTY" = "${CHAIN}Chain" ]; then
|
||||
echo "Nat table dirty; Cleaning..."
|
||||
elif [ "$NDIRTY" = "Chain" ]; then
|
||||
echo "Dirty NAT chain but no reference..? Fixing..."
|
||||
#$IPTABLES -t nat -A PREROUTING -d $EXTIP -i $EXTIF -j $CHAIN
|
||||
$IPTABLES -t nat -A PREROUTING -i $EXTIF -j $CHAIN
|
||||
else
|
||||
echo "NAT table clean..initalizing.."
|
||||
$IPTABLES -t nat -N $CHAIN
|
||||
#$IPTABLES -t nat -A PREROUTING -d $EXTIP -i $EXTIF -j $CHAIN
|
||||
$IPTABLES -t nat -A PREROUTING -i $EXTIF -j $CHAIN
|
||||
fi
|
||||
if [ "$CLEAN" = "yes" ]; then
|
||||
$IPTABLES -t nat -F $CHAIN
|
||||
fi
|
||||
|
||||
#adding the MINIUPNPD chain for nat
|
||||
$IPTABLES -t nat -N MINIUPNPD
|
||||
#adding the rule to MINIUPNPD
|
||||
#$IPTABLES -t nat -A PREROUTING -d $EXTIP -i $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t nat -A PREROUTING -i $EXTIF -j MINIUPNPD
|
||||
|
||||
#adding the MINIUPNPD chain for mangle
|
||||
$IPTABLES -t mangle -N MINIUPNPD
|
||||
$IPTABLES -t mangle -A PREROUTING -i $EXTIF -j MINIUPNPD
|
||||
|
||||
#adding the MINIUPNPD chain for filter
|
||||
$IPTABLES -t filter -N MINIUPNPD
|
||||
#adding the rule to MINIUPNPD
|
||||
$IPTABLES -t filter -A FORWARD -i $EXTIF ! -o $EXTIF -j MINIUPNPD
|
||||
|
||||
#adding the MINIUPNPD chain for nat
|
||||
$IPTABLES -t nat -N MINIUPNPD-POSTROUTING
|
||||
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MINIUPNPD-POSTROUTING
|
||||
if [ "$FDIRTY" = "${CHAIN}Chain" ]; then
|
||||
echo "Filter table dirty; Cleaning..."
|
||||
elif [ "$FDIRTY" = "Chain" ]; then
|
||||
echo "Dirty filter chain but no reference..? Fixing..."
|
||||
$IPTABLES -t filter -A FORWARD -i $EXTIF ! -o $EXTIF -j $CHAIN
|
||||
else
|
||||
echo "Filter table clean..initalizing.."
|
||||
$IPTABLES -t filter -N MINIUPNPD
|
||||
$IPTABLES -t filter -A FORWARD -i $EXTIF ! -o $EXTIF -j $CHAIN
|
||||
fi
|
||||
if [ "$CLEAN" = "yes" ]; then
|
||||
$IPTABLES -t filter -F $CHAIN
|
||||
fi
|
||||
|
|
|
@ -1,42 +0,0 @@
|
|||
#! /bin/sh
|
||||
# $Id: iptables_init_and_clean.sh,v 1.1 2011/05/13 09:58:47 nanard Exp $
|
||||
# Improved Miniupnpd iptables init script.
|
||||
# Checks for state of filter before doing anything..
|
||||
|
||||
IPTABLES="`which iptables`" || exit 1
|
||||
IPTABLES="$IPTABLES -w"
|
||||
IP="`which ip`" || exit 1
|
||||
|
||||
#EXTIF=eth0
|
||||
EXTIF="`LC_ALL=C $IP -4 route | grep 'default' | sed -e 's/.*dev[[:space:]]*//' -e 's/[[:space:]].*//'`" || exit 1
|
||||
EXTIP="`LC_ALL=C $IP -4 addr show $EXTIF | awk '/inet/ { print $2 }' | cut -d "/" -f 1`"
|
||||
|
||||
NDIRTY="`LC_ALL=C $IPTABLES -t nat -L -n | awk '/MINIUPNPD/ {printf $1}'`"
|
||||
FDIRTY="`LC_ALL=C $IPTABLES -t filter -L -n | awk '/MINIUPNPD/ {printf $1}'`"
|
||||
echo "External IP = $EXTIP"
|
||||
|
||||
if [[ $NDIRTY = "MINIUPNPDChain" ]]; then
|
||||
echo "Nat table dirty; Cleaning..."
|
||||
$IPTABLES -t nat -F MINIUPNPD
|
||||
elif [[ $NDIRTY = "Chain" ]]; then
|
||||
echo "Dirty NAT chain but no reference..? Fixsted."
|
||||
$IPTABLES -t nat -A PREROUTING -d $EXTIP -i $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t nat -F MINIUPNPD
|
||||
else
|
||||
echo "NAT table clean..initalizing.."
|
||||
$IPTABLES -t nat -N MINIUPNPD
|
||||
$IPTABLES -t nat -A PREROUTING -d $EXTIP -i $EXTIF -j MINIUPNPD
|
||||
fi
|
||||
if [[ $FDIRTY = "MINIUPNPDChain" ]]; then
|
||||
echo "Filter table dirty; Cleaning..."
|
||||
$IPTABLES -t filter -F MINIUPNPD
|
||||
elif [[ $FDIRTY = "Chain" ]]; then
|
||||
echo "Dirty filter chain but no reference..? Fixsted."
|
||||
$IPTABLES -t filter -I FORWARD 4 -i $EXTIF ! -o $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t filter -F MINIUPNPD
|
||||
else
|
||||
echo "Filter table clean..initalizing.."
|
||||
$IPTABLES -t filter -N MINIUPNPD
|
||||
$IPTABLES -t filter -I FORWARD 4 -i $EXTIF ! -o $EXTIF -j MINIUPNPD
|
||||
fi
|
||||
|
|
@ -1,34 +1,46 @@
|
|||
#! /bin/sh
|
||||
# $Id: iptables_removeall.sh,v 1.5 2011/05/16 12:11:37 nanard Exp $
|
||||
IPTABLES="`which iptables`" || exit 1
|
||||
IPTABLES="$IPTABLES -w"
|
||||
IP="`which ip`" || exit 1
|
||||
# $Id: iptables_removeall.sh,v 1.10 2017/04/21 11:16:09 nanard Exp $
|
||||
|
||||
#change this parameters :
|
||||
#EXTIF=eth0
|
||||
EXTIF="`LC_ALL=C $IP -4 route | grep 'default' | sed -e 's/.*dev[[:space:]]*//' -e 's/[[:space:]].*//'`" || exit 1
|
||||
EXTIP="`LC_ALL=C $IP -4 addr show $EXTIF | awk '/inet/ { print $2 }' | cut -d "/" -f 1`"
|
||||
EXT=1
|
||||
. $(dirname "$0")/miniupnpd_functions.sh
|
||||
|
||||
#removing the MINIUPNPD chain for nat
|
||||
$IPTABLES -t nat -F MINIUPNPD
|
||||
#rmeoving the rule to MINIUPNPD
|
||||
#$IPTABLES -t nat -D PREROUTING -d $EXTIP -i $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t nat -D PREROUTING -i $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t nat -X MINIUPNPD
|
||||
if [ "$NDIRTY" = "${CHAIN}Chain" ]; then
|
||||
$IPTABLES -t nat -F $CHAIN
|
||||
#$IPTABLES -t nat -D PREROUTING -d $EXTIP -i $EXTIF -j $CHAIN
|
||||
$IPTABLES -t nat -D PREROUTING -i $EXTIF -j $CHAIN
|
||||
$IPTABLES -t nat -X $CHAIN
|
||||
elif [ "$NDIRTY" = "Chain" ]; then
|
||||
$IPTABLES -t nat -F $CHAIN
|
||||
$IPTABLES -t nat -X $CHAIN
|
||||
fi
|
||||
|
||||
#removing the MINIUPNPD chain for mangle
|
||||
$IPTABLES -t mangle -F MINIUPNPD
|
||||
$IPTABLES -t mangle -D PREROUTING -i $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t mangle -X MINIUPNPD
|
||||
if [ "$MDIRTY" = "${CHAIN}Chain" ]; then
|
||||
$IPTABLES -t mangle -F $CHAIN
|
||||
$IPTABLES -t mangle -D FORWARD -i $EXTIF -j $CHAIN
|
||||
$IPTABLES -t mangle -X $CHAIN
|
||||
elif [ "$MDIRTY" = "Chain" ]; then
|
||||
$IPTABLES -t mangle -F $CHAIN
|
||||
$IPTABLES -t mangle -X $CHAIN
|
||||
fi
|
||||
|
||||
#removing the MINIUPNPD chain for filter
|
||||
$IPTABLES -t filter -F MINIUPNPD
|
||||
#adding the rule to MINIUPNPD
|
||||
$IPTABLES -t filter -D FORWARD -i $EXTIF ! -o $EXTIF -j MINIUPNPD
|
||||
$IPTABLES -t filter -X MINIUPNPD
|
||||
if [ "$FDIRTY" = "${CHAIN}Chain" ]; then
|
||||
$IPTABLES -t filter -F $CHAIN
|
||||
$IPTABLES -t filter -D FORWARD -i $EXTIF ! -o $EXTIF -j $CHAIN
|
||||
$IPTABLES -t filter -X $CHAIN
|
||||
elif [ "$FDIRTY" = "Chain" ]; then
|
||||
$IPTABLES -t filter -F $CHAIN
|
||||
$IPTABLES -t filter -X $CHAIN
|
||||
fi
|
||||
|
||||
#removing the MINIUPNPD-POSTROUTING chain for nat
|
||||
$IPTABLES -t nat -F MINIUPNPD-POSTROUTING
|
||||
#removing the rule to MINIUPNPD-POSTROUTING
|
||||
$IPTABLES -t nat -D POSTROUTING -o $EXTIF -j MINIUPNPD-POSTROUTING
|
||||
$IPTABLES -t nat -X MINIUPNPD-POSTROUTING
|
||||
if [ "$NPDIRTY" = "${CHAIN}-POSTROUTINGChain" ]; then
|
||||
$IPTABLES -t nat -F $CHAIN-POSTROUTING
|
||||
$IPTABLES -t nat -D POSTROUTING -o $EXTIF -j $CHAIN-POSTROUTING
|
||||
$IPTABLES -t nat -X $CHAIN-POSTROUTING
|
||||
elif [ "$NPDIRTY" = "Chain" ]; then
|
||||
$IPTABLES -t nat -F $CHAIN-POSTROUTING
|
||||
$IPTABLES -t nat -X $CHAIN-POSTROUTING
|
||||
fi
|
||||
|
|
|
@ -0,0 +1,64 @@
|
|||
#! /bin/sh
|
||||
# $Id: miniupnpd_functions.sh,v 1.1 2018/02/24 12:15:19 nanard Exp $
|
||||
|
||||
IP=$(which ip) || {
|
||||
echo "Can't find ip" >&2
|
||||
exit 1
|
||||
}
|
||||
if [ -z "$IPV6" ]; then
|
||||
IPTABLES=$(which iptables) || {
|
||||
echo "Can't find iptables" >&2
|
||||
exit 1
|
||||
}
|
||||
IP="$IP -4"
|
||||
else
|
||||
IPTABLES=$(which ip6tables) || {
|
||||
echo "Can't find ip6tables" >&2
|
||||
exit 1
|
||||
}
|
||||
IP="$IP -6"
|
||||
fi
|
||||
|
||||
CHAIN=MINIUPNPD
|
||||
CLEAN=
|
||||
|
||||
while getopts ":c:i:f" opt; do
|
||||
case $opt in
|
||||
c)
|
||||
CHAIN=$OPTARG
|
||||
;;
|
||||
i)
|
||||
EXTIF=$OPTARG
|
||||
;;
|
||||
f)
|
||||
CLEAN=yes
|
||||
;;
|
||||
\?)
|
||||
echo "Invalid option: -$OPTARG" >&2
|
||||
exit 1
|
||||
;;
|
||||
:)
|
||||
echo "Option -$OPTARG requires an argument." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ -n "$EXT" ]; then
|
||||
if [ -z "$EXTIF" ]; then
|
||||
EXTIF=$(LC_ALL=C $IP route | grep 'default' | sed -e 's/.*dev[[:space:]]*//' -e 's/[[:space:]].*//') || {
|
||||
echo "Can't find default interface" >&2
|
||||
exit 1
|
||||
}
|
||||
fi
|
||||
#if [ -z "$IPV6" ]; then
|
||||
# EXTIP=$(LC_ALL=C $IP addr show $EXTIF | awk '/inet/ { print $2 }' | cut -d "/" -f 1)
|
||||
#fi
|
||||
fi
|
||||
|
||||
FDIRTY=$(LC_ALL=C $IPTABLES -t filter -L -n | awk "/$CHAIN/ {printf \$1}")
|
||||
if [ -z "$IPV6" ]; then
|
||||
NDIRTY=$(LC_ALL=C $IPTABLES -t nat -L -n | awk "/$CHAIN/ {printf \$1}")
|
||||
MDIRTY=$(LC_ALL=C $IPTABLES -t mangle -L -n | awk "/$CHAIN/ {printf \$1}")
|
||||
NPDIRTY=$(LC_ALL=C $IPTABLES -t nat -L -n | awk "/$CHAIN-POSTROUTING/ {printf \$1}")
|
||||
fi
|
Loading…
Reference in New Issue