Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
alpine
awall
Commits
9bc75e18
Commit
9bc75e18
authored
Jan 17, 2020
by
Kaarle Ritvanen
Browse files
masquerade: rename chain
avoid double awall prefix
parent
408d036c
Changes
19
Hide whitespace changes
Inline
Side-by-side
awall/modules/masquerade.lua
View file @
9bc75e18
--[[
IPSet-based masquerading module for Alpine Wall
Copyright (C) 2012-20
16
Kaarle Ritvanen
Copyright (C) 2012-20
20
Kaarle Ritvanen
See LICENSE file for license details
]]
--
...
...
@@ -15,12 +15,12 @@ return {
table
=
'nat'
,
chain
=
'POSTROUTING'
,
match
=
'-m set --match-set awall-masquerade src'
,
target
=
'
awall-
masquerade'
target
=
'masquerade'
},
{
family
=
'inet'
,
table
=
'nat'
,
chain
=
'
awall-
masquerade'
,
chain
=
'masquerade'
,
match
=
'-m set ! --match-set awall-masquerade dst'
,
target
=
'MASQUERADE'
}
...
...
test/output/address/dump
View file @
9bc75e18
...
...
@@ -12614,14 +12614,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/address/rules-save
View file @
9bc75e18
...
...
@@ -4240,14 +4240,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/custom/dump
View file @
9bc75e18
...
...
@@ -871,16 +871,16 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth4 -j NETMAP --to 10.1.0.0/12
-A PREROUTING -i eth5 -j NETMAP --to 10.1.0.0/12
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/custom/rules-save
View file @
9bc75e18
...
...
@@ -200,16 +200,16 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth4 -j NETMAP --to 10.1.0.0/12
-A PREROUTING -i eth5 -j NETMAP --to 10.1.0.0/12
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/dedicated/dump
View file @
9bc75e18
...
...
@@ -866,7 +866,7 @@ COMMIT
:awall-OUTPUT - [0:0]
:awall-POSTROUTING - [0:0]
:awall-PREROUTING - [0:0]
:awall-
awall-
masquerade - [0:0]
:awall-masquerade - [0:0]
-A INPUT -j awall-INPUT
-A OUTPUT -j awall-OUTPUT
-A POSTROUTING -j awall-POSTROUTING
...
...
@@ -874,10 +874,10 @@ COMMIT
-A awall-INPUT -j MASQUERADE
-A awall-OUTPUT -j REDIRECT
-A awall-POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A awall-POSTROUTING -m set --match-set awall-masquerade src -j
awall-
awall-masquerade
-A awall-POSTROUTING -m set --match-set awall-masquerade src -j awall-masquerade
-A awall-PREROUTING -i eth0 -j REDIRECT
-A awall-PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
awall-masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A awall-masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/dedicated/rules-save
View file @
9bc75e18
...
...
@@ -214,7 +214,7 @@ COMMIT
:awall-OUTPUT - [0:0]
:awall-POSTROUTING - [0:0]
:awall-PREROUTING - [0:0]
:awall-
awall-
masquerade - [0:0]
:awall-masquerade - [0:0]
-A INPUT -j awall-INPUT
-A OUTPUT -j awall-OUTPUT
-A POSTROUTING -j awall-POSTROUTING
...
...
@@ -222,10 +222,10 @@ COMMIT
-A awall-INPUT -j MASQUERADE
-A awall-OUTPUT -j REDIRECT
-A awall-POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A awall-POSTROUTING -m set --match-set awall-masquerade src -j
awall-
awall-masquerade
-A awall-POSTROUTING -m set --match-set awall-masquerade src -j awall-masquerade
-A awall-PREROUTING -i eth0 -j REDIRECT
-A awall-PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
awall-masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A awall-masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/filter-dnat/dump
View file @
9bc75e18
...
...
@@ -862,16 +862,16 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -p tcp --dport 25 -d 192.168.0.1 -j DNAT --to-destination 10.0.0.1
-A PREROUTING -i eth0 -p tcp --dport 80 -d 192.168.0.2 -j DNAT --to-destination 10.0.0.2:8080
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/filter-dnat/rules-save
View file @
9bc75e18
...
...
@@ -198,16 +198,16 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -p tcp --dport 25 -d 192.168.0.1 -j DNAT --to-destination 10.0.0.1
-A PREROUTING -i eth0 -p tcp --dport 80 -d 192.168.0.2 -j DNAT --to-destination 10.0.0.2:8080
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/filter-limit/dump
View file @
9bc75e18
...
...
@@ -90106,14 +90106,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
test/output/filter-limit/rules-save
View file @
9bc75e18
...
...
@@ -30304,14 +30304,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
test/output/filter/dump
View file @
9bc75e18
...
...
@@ -946,14 +946,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/filter/rules-save
View file @
9bc75e18
...
...
@@ -224,14 +224,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/no-track/dump
View file @
9bc75e18
...
...
@@ -936,14 +936,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/no-track/rules-save
View file @
9bc75e18
...
...
@@ -218,14 +218,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/route-track/dump
View file @
9bc75e18
...
...
@@ -864,14 +864,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/route-track/rules-save
View file @
9bc75e18
...
...
@@ -200,14 +200,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/tproxy/dump
View file @
9bc75e18
...
...
@@ -857,14 +857,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
test/output/tproxy/rules-save
View file @
9bc75e18
...
...
@@ -199,14 +199,14 @@ COMMIT
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:
awall-
masquerade - [0:0]
:masquerade - [0:0]
-A INPUT -j MASQUERADE
-A OUTPUT -j REDIRECT
-A POSTROUTING -o eth1 -d 10.0.0.0/12 -j MASQUERADE
-A POSTROUTING -m set --match-set awall-masquerade src -j
awall-
masquerade
-A POSTROUTING -m set --match-set awall-masquerade src -j masquerade
-A PREROUTING -i eth0 -j REDIRECT
-A PREROUTING -i eth1 -s 10.0.0.0/12 -j REDIRECT
-A
awall-
masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
-A masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
*raw
:OUTPUT ACCEPT [0:0]
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment