diff options
| author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2012-06-21 13:09:00 +0000 |
|---|---|---|
| committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2012-06-21 13:09:00 +0000 |
| commit | 059468bdc180bac1bf0866c6343b1384fdf16c52 (patch) | |
| tree | 67cd7ba112a852be4985e6171c9955f44620dfad | |
| parent | e8e6b6bdaa88d48bc17adad1ee5af527608cd0e1 (diff) | |
| download | awall-059468bdc180bac1bf0866c6343b1384fdf16c52.tar.bz2 awall-059468bdc180bac1bf0866c6343b1384fdf16c52.tar.xz | |
ipset-based masquerading moved to a module of its own
| -rw-r--r-- | awall/modules/masquerade.lua | 16 | ||||
| -rw-r--r-- | awall/modules/nat.lua | 6 |
2 files changed, 17 insertions, 5 deletions
diff --git a/awall/modules/masquerade.lua b/awall/modules/masquerade.lua new file mode 100644 index 0000000..7558023 --- /dev/null +++ b/awall/modules/masquerade.lua @@ -0,0 +1,16 @@ +--[[ +IPSet-based masquerading module for Alpine Wall +Copyright (C) 2012 Kaarle Ritvanen +Licensed under the terms of GPL2 +]]-- + + +module(..., package.seeall) + +classes = {} + +-- TODO configuration of the ipset via JSON config +defrules = {pre={{family='inet', table='nat', chain='POSTROUTING', + opts='-m set --match-set awall-masquerade src -j awall-masquerade'}, + {family='inet', table='nat', chain='awall-masquerade', + opts='-m set ! --match-set awall-masquerade dst -j MASQUERADE'}}} diff --git a/awall/modules/nat.lua b/awall/modules/nat.lua index c88b8c6..209eaf0 100644 --- a/awall/modules/nat.lua +++ b/awall/modules/nat.lua @@ -78,8 +78,4 @@ end classes = {{'dnat', DNATRule}, {'snat', SNATRule}} --- TODO configuration of the ipset via JSON config -defrules = {pre={{family='inet', table='nat', chain='POSTROUTING', - opts='-m set --match-set awall-masquerade src -j awall-masquerade'}, - {family='inet', table='nat', chain='awall-masquerade', - opts='-m set ! --match-set awall-masquerade dst -j MASQUERADE'}}} +defrules = {} |