[git commit] examples/var_service/fw/run: allow extif's to be more than one iface
Denys Vlasenko
vda.linux at googlemail.com
Thu Sep 2 21:53:48 UTC 2021
commit: https://git.busybox.net/busybox/commit/?id=d7e39f26d711b5736a3a478b0d8b353c0c02e958
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master
Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
examples/var_service/fw/run | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/examples/var_service/fw/run b/examples/var_service/fw/run
index 41078d0ab..15c2b2f0a 100755
--- a/examples/var_service/fw/run
+++ b/examples/var_service/fw/run
@@ -179,7 +179,9 @@ ipt="iptables -t nat -A OUTPUT"
# OUTGOING TRAFFIC
ipt="iptables -t nat -A POSTROUTING"
# Masquerade boxes on my private net
-doit $ipt -s 192.168.0.0/24 -o $extif -j MASQUERADE
+for e in $extif; do
+ doit $ipt -s 192.168.0.0/24 -o $e -j MASQUERADE
+done
# *** mangle ***
### DEBUG
@@ -204,7 +206,9 @@ fi
doit $ipt -p tcp -j REJECT # Anything else isn't ok. REJECT = irc opens faster
# (it probes proxy ports, DROP will incur timeout delays)
ipt="iptables -t filter -A INPUT"
-doit $ipt -i $extif -j iext
+for e in $extif; do
+ doit $ipt -i $e -j iext
+done
echo; echo "* Enabling forwarding"
@@ -222,12 +226,12 @@ echo; echo "* Routing:"
ip r l
echo; echo "* Firewall:"
{
-echo '---FILTER--';
-iptables -v -L -x -n;
-echo '---NAT-----';
-iptables -t nat -v -L -x -n;
-echo '---MANGLE--';
-iptables -t mangle -v -L -x -n;
+echo '---FILTER--'
+iptables -v -L -x -n
+echo '---NAT-----'
+iptables -t nat -v -L -x -n
+echo '---MANGLE--'
+iptables -t mangle -v -L -x -n
} \
| grep -v '^$' | grep -Fv 'bytes target'
echo
More information about the busybox-cvs
mailing list