projects / project / luci.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: beea3ea)
* Corrected Freifunk NAT rules
authorSteven Barth <steven@midlink.org>
Mon, 28 Apr 2008 07:15:16 +0000 (07:15 +0000)
committerSteven Barth <steven@midlink.org>
Mon, 28 Apr 2008 07:15:16 +0000 (07:15 +0000)
contrib/package/ffluci-splash/src/luci_splash.init patch | blob | history
module/admin-core/contrib/init.d/luci_freifunk patch | blob | history

diff --git a/contrib/package/ffluci-splash/src/luci_splash.init b/contrib/package/ffluci-splash/src/luci_splash.init
index bce432e..20f7865 100644 (file)
--- a/contrib/package/ffluci-splash/src/luci_splash.init
+++ b/contrib/package/ffluci-splash/src/luci_splash.init
@@ -19,8 +19,8 @@ iface_add() {
        
        eval "$(ipcalc.sh $ipaddr $netmask)"
        
        
        eval "$(ipcalc.sh $ipaddr $netmask)"
        
-       iptables -t nat -A luci_splash -i "$iface" -s "$IP/$PREFIX" -j luci_splash_portal
-       iptables -t nat -A luci_splash_portal -i "$iface" -s "$IP/$PREFIX" -d "$ipaddr" -p tcp -m multiport --dports 22,80,443 -j RETURN
+       iptables -t nat -A luci_splash -i "$iface" -s "$NETWORK/$PREFIX" -j luci_splash_portal
+       iptables -t nat -A luci_splash_portal -i "$iface" -s "$NETWORK/$PREFIX" -d "$ipaddr" -p tcp -m multiport --dports 22,80,443 -j RETURN
 }
 
 blacklist_add() {
 }
 
 blacklist_add() {
diff --git a/module/admin-core/contrib/init.d/luci_freifunk b/module/admin-core/contrib/init.d/luci_freifunk
index dbb346f..6b18e14 100644 (file)
--- a/module/admin-core/contrib/init.d/luci_freifunk
+++ b/module/admin-core/contrib/init.d/luci_freifunk
@@ -29,14 +29,24 @@ start() {
        
        ### Lan to Freifunk     
        [ -n "$lanif" ] && {
        
        ### Lan to Freifunk     
        [ -n "$lanif" ] && {
+               config_get ipaddr lan ipaddr
+               config_get netmask lan netmask
+               
+               eval "$(ipcalc.sh $ipaddr $netmask)"
+               
                iptables -A forwarding_rule -i "$lanif" -o "$ffif" -j ACCEPT
                iptables -A forwarding_rule -i "$lanif" -o "$ffif" -j ACCEPT
-               iptables -t nat -A postrouting_rule -i "$lanif" -o "$ffif" -j MASQUERADE
+               iptables -t nat -A postrouting_rule -s "$NETWORK/$PREFIX" -o "$ffif" -j MASQUERADE
        }
        
        ### Freifunk to Wan
        [ "$internet" -gt 0 ] && {
        }
        
        ### Freifunk to Wan
        [ "$internet" -gt 0 ] && {
+               config_get ipaddr ff ipaddr
+               config_get netmask ff netmask
+               
+               eval "$(ipcalc.sh $ipaddr $netmask)"            
+               
                iptables -A forwarding_rule -i "$ffif" -o "$wanif" -j ACCEPT
                iptables -A forwarding_rule -i "$ffif" -o "$wanif" -j ACCEPT
-               iptables -t nat -A postrouting_rule -i "$ffif" -o "$wanif" -j MASQUERADE
+               iptables -t nat -A postrouting_rule -s "$NETWORK/$PREFIX" -o "$wanif" -j MASQUERADE
        }
 }
 
        }
 }
 
Lua Configuration Interface (mirror)