Changeset 128 for system/generators/iptables.php
- Timestamp:
- Dec 23, 2008, 8:23:59 AM (16 years ago)
- File:
-
- 1 edited
-
system/generators/iptables.php (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
system/generators/iptables.php
r118 r128 1 1 <?php 2 include('global.php'); 2 3 include_once('/a/www/centrala/global.php'); 3 4 … … 54 55 //{ 55 56 // exec('/sbin/iptables -t nat -A PreroutingDNAT -m tcp -p tcp --dport 3724 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP'].':3725'); 56 // exec('/sbin/iptables -t nat -A POSTROUTING -m tcp -p tcp -s '.$Row['IP'].' --sport 3725 -o eth1-j SNAT --to-source '.$Row['external_ip'].':3724');57 // exec('/sbin/iptables -t nat -A POSTROUTING -m tcp -p tcp -s '.$Row['IP'].' --sport 3725 -o '.$InetInterface.' -j SNAT --to-source '.$Row['external_ip'].':3724'); 57 58 //} 58 59 if(strtolower($Row['name']) != 'gate') … … 62 63 echo($Row['name'].'='.$Row['external_ip']."\n"); 63 64 64 exec('/sbin/iptables -t nat -A PreroutingDNAT -i eth1-d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']);65 exec('/sbin/iptables -t nat -A PreroutingDNAT -i eth1-d '.$Row['external_ip'].' -j ACCEPT');66 exec('/sbin/iptables -t nat -A POSTROUTING -s '.$Row['IP'].' -o eth1-j SNAT --to-source '.$Row['external_ip']);65 exec('/sbin/iptables -t nat -A PreroutingDNAT -i '.$InetInterface.' -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']); 66 exec('/sbin/iptables -t nat -A PreroutingDNAT -i '.$InetInterface.' -d '.$Row['external_ip'].' -j ACCEPT'); 67 exec('/sbin/iptables -t nat -A POSTROUTING -s '.$Row['IP'].' -o '.$InetInterface.' -j SNAT --to-source '.$Row['external_ip']); 67 68 } 68 69 //exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy"); … … 101 102 //exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']); 102 103 //exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j ACCEPT'); 103 //exec('/sbin/iptables -t nat -A POSTROUTING -p tcp -m tcp --dport 25 -s 212.111.4.174 -o eth1-j SNAT --to-source '.$Row['external_ip']);104 //exec('/sbin/iptables -t nat -A POSTROUTING -p tcp -m tcp --dport 25 -s 212.111.4.174 -o '.$InetInterface.' -j SNAT --to-source '.$Row['external_ip']); 104 105 105 106 // Local network NAT 106 107 $DbResult = $Database->select('hosts', '*', 'name="gate"'); 107 108 $Row = $DbResult->fetch_array(); 108 exec('/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.0.0 -o eth1-j SNAT --to-source '.$Row['external_ip']);109 //exec('/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/255.0.0.0 -o eth1-j SNAT --to-source '.$Row['external_ip']);110 //exec('/sbin/iptables -t nat -A POSTROUTING -s 212.111.16.94 -o eth1-j MASQUERADE');109 exec('/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.0.0 -o '.$InetInterface.' -j SNAT --to-source '.$Row['external_ip']); 110 //exec('/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/255.0.0.0 -o '.$InetInterface.' -j SNAT --to-source '.$Row['external_ip']); 111 //exec('/sbin/iptables -t nat -A POSTROUTING -s 212.111.16.94 -o '.$InetInterface.' -j MASQUERADE'); 111 112 112 113 exec('/sbin/iptables-save>/etc/sysconfig/iptables');
Note:
See TracChangeset
for help on using the changeset viewer.
