masquerade.lua 509 Bytes
Newer Older
1 2 3 4 5 6 7 8 9 10
--[[
IPSet-based masquerading module for Alpine Wall
Copyright (C) 2012 Kaarle Ritvanen
Licensed under the terms of GPL2
]]--


module(..., package.seeall)

-- TODO configuration of the ipset via JSON config
11 12 13 14 15 16
defrules = {['post-snat']={{family='inet', table='nat',
			    chain='POSTROUTING',
			    opts='-m set --match-set awall-masquerade src -j awall-masquerade'},
			   {family='inet', table='nat',
			    chain='awall-masquerade',
			    opts='-m set ! --match-set awall-masquerade dst -j MASQUERADE'}}}