author | Steven Barth <steven@midlink.org> | 2008-04-01 22:15:24 +0000 |
---|---|---|
committer | Steven Barth <steven@midlink.org> | 2008-04-01 22:15:24 +0000 |
commit | e9ff9dd9942748592a1f8ce66fab7dfce46e9779 (patch) | |
tree | 4e7a1a16c803c8cfce207794b7346efa45db7557 /contrib/init.d | |
parent | 799de8987c5c70ce70429700014fd3768b41f3a0 (diff) |
* Fixed firewall scripts
Diffstat (limited to 'contrib/init.d')
-rw-r--r-- | contrib/init.d/luci_fw | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/contrib/init.d/luci_fw b/contrib/init.d/luci_fw
index f393719ab9..4cb9c4799e 100644
--- a/contrib/init.d/luci_fw
+++ b/contrib/init.d/luci_fw
@@ -15,12 +15,14 @@ apply_portfw() {
 if ([ "$proto" == "tcpudp" ] || [ "$proto" == "tcp" ]); then
 iptables -t nat -A luci_prerouting -i "$iface" -p tcp --dport "$dport" -j DNAT --to "$to"
- iptables -A luci_forward -i "$iface" -p tcp -d "$ip" "$ports" -j ACCEPT
+ iptables -t nat -A luci_postrouting -p tcp -d "$ip" $ports -j MASQUERADE
+ iptables -A luci_forward -i "$iface" -p tcp -d "$ip" $ports -j ACCEPT
 fi
 if ([ "$proto" == "tcpudp" ] || [ "$proto" == "udp" ]); then
 iptables -t nat -A luci_prerouting -i "$iface" -p udp --dport "$dport" -j DNAT --to "$to"
- iptables -A luci_forward -i "$iface" -p udp -d "$ip" "$ports" -j ACCEPT
+ iptables -t nat -A luci_postrouting -p udp -d "$ip" $ports -j MASQUERADE
+ iptables -A luci_forward -i "$iface" -p udp -d "$ip" $ports -j ACCEPT
 fi
 }
@@ -66,9 +68,6 @@ apply_rule() {
 config_get jump "$cfg" jump
 [ -n "$jump" ] && cmd="$cmd -j $jump"
- config_get state "$cfg" state
- [ -n "$state" ] && cmd="$cmd -m state --state $state"
-
 config_get command "$cfg" command
 [ -n "$command" ] && cmd="$cmd $command"
|
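Review bot: The two added `luci_postrouting` MASQUERADE rules in apply_portfw carry no interface or source match, so every connection to `$ip` that fits whatever `$ports` expands to is rewritten, including connections arriving from outside, and the internal host then sees the router's address instead of the client's. That takes the real source address out of the target server's logs and defeats any source-based filtering or rate limiting done there. If the rule is meant only for LAN clients reaching the forward through the router (an assumption, the commit message does not say), restrict it with a source match on the LAN network and record the intent in a comment such as `# hairpin NAT for LAN clients only; external sources must stay visible to $ip`. The same lines now expand `$ports` unquoted so that it can split into an option and its value; it is built outside this hunk, and it should be validated there as a single port number or range, because any extra word in the configured value becomes an additional iptables argument.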