Changeset 913


Ignore:
Timestamp:
Sep 20, 2021, 9:33:31 PM (3 years ago)
Author:
chronos
Message:
  • Added: Generate NAT rules to redirect public IP addresses targeted from local network. Especially important for speedtest.
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Modules/NetworkConfigRouterOS/Generators/FirewallNAT.php

    r887 r913  
    121121    $Items[] = array('chain' => 'inet-out', 'src-address'=> '!212.111.4.174', 'action' => 'src-nat', 'to-addresses' => '77.92.221.188', 'comment' => 'Default_NAT');
    122122
     123    // Translate own public IP addresses into local IP address for local network
     124    $DbResult2 = $this->Database->query('SELECT `NetworkInterface`.*, `NetworkDevice`.`Name` AS `DeviceName`, `NetworkDevice`.`InboundNATPriority` FROM `NetworkInterface`'.
     125      ' LEFT JOIN `NetworkDevice` ON `NetworkDevice`.`Id` = `NetworkInterface`.`Device`'.
     126      ' WHERE (`NetworkInterface`.`ExternalIP` <> "") AND (`NetworkInterface`.`LocalIP` <> "") AND (`NetworkInterface`.`Enabled` = 1)'.
     127      ' AND (`NetworkInterface`.`LocalIP` != `NetworkInterface`.`ExternalIP`) ORDER BY `id` DESC');
     128    while ($Interface = $DbResult2->fetch_assoc())
     129    {
     130      $Name = $Interface['DeviceName'];
     131      if ($Interface['Name'] != '') $Name .= '-'.$Interface['Name'];
     132      $Name = RouterOSIdent($Name);
     133      $Items[] = array('chain' => 'local-in', 'dst-address' => $Interface['ExternalIP'], 'action' => 'dst-nat', 'to-addresses' => $Interface['LocalIP'], 'comment' => $Name.'-ext');
     134    }
     135
    123136    /*
    124      // Route public addresses localy
    125      $DbResult = $this->Database->query('SELECT Member.*, Subject.Name FROM Member JOIN Subject ON Member.Subject = Subject.Id');
    126      while ($Member = $DbResult->fetch_assoc())
    127      {
    128      echo($Member['Name'].': ');
    129      // Hosts
    130      $DbResult2 = $this->Database->query('SELECT NetworkInterface.*, NetworkDevice.Name AS DeviceName FROM NetworkInterface LEFT JOIN NetworkDevice ON NetworkDevice.Id = NetworkInterface.Device WHERE (NetworkInterface.ExternalIP <> "") AND (NetworkDevice.Member = '.$Member['Id'].') AND (NetworkInterface.LocalIP != NetworkInterface.ExternalIP) ORDER BY id DESC');
    131      while ($Interface = $DbResult2->fetch_assoc())
    132      {
    133      $Name = $Interface['DeviceName'];
    134      if ($Interface['Name'] != '') $Name .= '-'.$Interface['Name'];
    135      $Name = RouterOSIdent($Name);
    136      echo($Name.'('.$Interface['LocalIP'].'), ');
    137      $Items[] = array('chain' => 'local-in', 'dst-address' => $Interface['ExternalIP'], 'action' => 'dst-nat', 'to-addresses' => $Interface['LocalIP'], 'comment' => $Name.'-in-local');
    138      }
    139      echo("\n");
    140      }
    141 
    142      // Map returned local traffic to virtual subnet
    143      $Items[] = array('chain' => 'local-out', 'src-address' => '10.145.0.0/16', 'dst-address' => '10.145.0.0/16', 'action' => 'netmap',  'to-addresses' => '10.45.0.0-10.45.255.255', 'comment' => 'map-local');
    144      */
     137    // Map returned local traffic to virtual subnet
     138    $Items[] = array('chain' => 'local-out', 'src-address' => '10.145.0.0/16', 'dst-address' => '10.145.0.0/16', 'action' => 'netmap',  'to-addresses' => '10.45.0.0-10.45.255.255', 'comment' => 'map-local');
     139    */
    145140
    146141    //print_r($Items);
Note: See TracChangeset for help on using the changeset viewer.