File: nicinit.sh

package info (click to toggle)
libreswan 5.2-2.3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 81,644 kB
  • sloc: ansic: 129,988; sh: 32,018; xml: 20,646; python: 10,303; makefile: 3,022; javascript: 1,506; sed: 574; yacc: 511; perl: 264; awk: 52
file content (20 lines) | stat: -rw-r--r-- 821 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
 
#!/bin/sh
iptables -t nat -F
iptables -F
# NAT
# eth1: 192.1.2.254 - external
# eth2: 192.1.3.254 - internal
# iptables -t nat -A POSTROUTING --source 192.1.3.0/24 --destination 0.0.0.0/0 -j SNAT --to-source 192.1.2.254
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE --proto TCP --source 192.1.3.0/24 --to-port 40000-60000
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE --proto UDP --source 192.1.3.0/24 --to-port 40000-60000
# make sure that we never acidentially let ESP through.
iptables -I FORWARD 1 --proto 50 -j DROP
#iptables -I FORWARD 2 --destination 192.0.2.0/24 -j DROP
#iptables -I FORWARD 3 --source 192.0.2.0/24 -j DROP
# route
#iptables -I INPUT 1 --destination 192.0.2.0/24 -j DROP
# Display the table, so we know it is correct.
iptables -t nat -L -n
iptables -L -n
echo done.
: ==== end ====