| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 1 | #!/bin/sh |
| 2 | # |
| 3 | # $Id: nat.sh,v 1.4 2009-12-09 08:45:37 steven Exp $ |
| 4 | # |
| 5 | # usage: nat.sh |
| 6 | # |
| 7 | |
| 8 | path_sh=`nv get path_sh` |
| 9 | . $path_sh/global.sh |
| 10 | echo "Info: nat.sh start " >> $test_log |
| 11 | |
| 12 | ZTE_FORWARD_CHAIN=port_forward |
| 13 | ZTE_DMZ_CHAIN=DMZ |
| 14 | ZTE_MAPPING_CHAIN=port_mapping |
| 15 | |
| 16 | iptables -P INPUT ACCEPT |
| 17 | iptables -P OUTPUT ACCEPT |
| 18 | iptables -P FORWARD ACCEPT |
| 19 | |
| 20 | #clear nat |
| 21 | iptables -t nat -F |
| 22 | iptables -t nat -X $ZTE_FORWARD_CHAIN |
| 23 | iptables -t nat -X $ZTE_DMZ_CHAIN |
| 24 | iptables -t nat -X $ZTE_MAPPING_CHAIN |
| 25 | |
| 26 | |
| 27 | #Make a new chain for nat |
| 28 | iptables -t nat -N $ZTE_FORWARD_CHAIN |
| 29 | iptables -t nat -N $ZTE_DMZ_CHAIN |
| 30 | iptables -t nat -N $ZTE_MAPPING_CHAIN |
| 31 | |
| 32 | iptables -t nat -I PREROUTING 1 -j $ZTE_FORWARD_CHAIN |
| 33 | iptables -t nat -I PREROUTING 1 -j $ZTE_DMZ_CHAIN |
| 34 | iptables -t nat -I PREROUTING 1 -j $ZTE_MAPPING_CHAIN |
| 35 | |
| 36 | lan_en=`nv get LanEnable` |
| 37 | nat_en=`nv get natenable` |
| 38 | if [ "-$nat_en" != "-0" -a "-$lan_en" == "-2" ]; then |
| 39 | iptables -t nat -A POSTROUTING -o ${defwan_rel%:*} -j MASQUERADE |
| 40 | elif [ "-$nat_en" != "-0" -a "-$lan_en" != "-0" ]; then |
| 41 | iptables -t nat -A POSTROUTING -o $defwan_rel -j MASQUERADE |
| 42 | fi |
| 43 | |
| 44 | clat46_en=1 |
| 45 | if [ "-$clat46_en" = "-1" ]; then |
| 46 | iptables -t nat -A POSTROUTING -o clat4 -j MASQUERADE |
| 47 | fi |
| 48 | |
| 49 | |