Changeset 298 for trunk/system/generators/firewall_nat.php
- Timestamp:
- Oct 3, 2010, 12:29:03 PM (14 years ago)
- File:
-
- 1 edited
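--- a/trunk/system/generators/firewall_nat.php
+++ b/trunk/system/generators/firewall_nat.php
@@ -13,4 +13,5 @@
 
 $InetInterface = $Config['MainRouter']['InetInterface'];
+$LocalInterface = $Config['MainRouter']['InetInterface'];
 $IPCentrala = '10.145.64.8';
 
@@ -96,7 +97,35 @@
 // Masquerade hosts without public ip
 $Items[] = array('chain' => 'inet-out', 'action' => 'src-nat', 'to-addresses' => '77.92.221.106', 'comment' => 'Default_NAT');
+
 // Redirect DNS port
 $Items[] = array('chain' => 'dstnat', 'dst-address' => '212.111.4.174', 'protocol' => 'tcp', 'dst-port' => 53, 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => '10.145.64.8', 'to-ports' => 53, 'comment' => 'DNS_redirection_TCP');
 $Items[] = array('chain' => 'dstnat', 'dst-address' => '212.111.4.174', 'protocol' => 'udp', 'dst-port' => 53, 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => '10.145.64.8', 'to-ports' => 53, 'comment' => 'DNS_redirection_UDP');
+
+
+// Chain for local interface
+$Items[] = array('chain' => 'srcnat', 'out-interface' => $LocalInterface, 'action' => 'jump', 'jump-target' => 'local-out', 'comment' => 'local-out');
+$Items[] = array('chain' => 'dstnat', 'in-interface' => $LocalInterface, 'action' => 'jump', 'jump-target' => 'local-in', 'comment' => 'local-in');
+
+// Route public addresses localy
+$DbResult = $Database->query('SELECT Member.*, Subject.Name FROM Member JOIN Subject ON Member.Subject = Subject.Id');
+while($Member = $DbResult->fetch_assoc())
+{
+echo($Member['Name'].': ');
+// Hosts
+$DbResult2 = $Database->query('SELECT NetworkInterface.*, NetworkDevice.Name AS DeviceName FROM NetworkInterface LEFT JOIN NetworkDevice ON NetworkDevice.Id = NetworkInterface.Device WHERE (NetworkInterface.ExternalIP <> "") AND (NetworkDevice.Member = '.$Member['Id'].') AND (NetworkInterface.LocalIP != NetworkInterface.ExternalIP) ORDER BY id DESC');
+while($Interface = $DbResult2->fetch_assoc())
+{
+$Name = $Interface['DeviceName'];
+if($Interface['Name'] != '') $Name .= '-'.$Interface['Name'];
+$Name = RouterOSIdent($Name);
+echo($Name.'('.$Interface['LocalIP'].'), ');
+$Items[] = array('chain' => 'local-in', 'dst-address' => $Interface['ExternalIP'], 'action' => 'dst-nat', 'to-addresses' => $Interface['LocalIP'], 'comment' => $Name.'-in-local');
+}
+echo("\n");
+}
+
+// Map returned local traffic to virtual subnet
+$Items[] = array('chain' => 'local-out', 'src-address' => '10.145.64.0/16', 'action' => 'netmap', 'to-addresses' => '10.45.64.0/16', 'comment' => 'map-local');
+
 
 //print_r($Items);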
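Review bot: The new `$LocalInterface` is read from `$Config['MainRouter']['InetInterface']`, the same key as `$InetInterface` on the line above, so the `local-out` and `local-in` jump rules added in the second hunk match the Internet-facing interface rather than a separate local one. If that is a copy-paste slip, the assignment should read a distinct key, e.g. `$LocalInterface = $Config['MainRouter']['<LOCAL_INTERFACE_KEY>'];` (placeholder; the real key name is not visible in this changeset). As written, the per-host `dst-nat` entries in `local-in` would apply to traffic arriving on the Internet side, which does not look like what the comment `// Route public addresses localy` intends. Separately, the `map-local` rule uses `10.145.64.0/16` and `10.45.64.0/16`, both with non-zero host bits for a /16, so it is worth confirming whether `10.145.0.0/16` or a longer prefix was meant. `$Interface['ExternalIP']` and `$Interface['LocalIP']` also go into the rule array unvalidated, unlike `$Name`, which passes through `RouterOSIdent()`; a `filter_var(..., FILTER_VALIDATE_IP)` check before emitting the rule would keep malformed database rows out of the generated NAT table.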