2014-08-05 15:39 GMT+02:00 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
> Could you give a try to the following patch? Thanks.
yes it works, but the rules are appended every time, not overwritten,
is it the intended behaviour?
I have this after a few run:
table ip nat {
chain post {
type nat hook postrouting priority 0;
ip saddr 192.168.0.0/24 oif eth0 snat 192.168.1.2
ip saddr 192.168.0.0/24 oif eth0 snat 192.168.1.2
ip saddr 192.168.0.0/24 oif eth0 snat 192.168.1.2
ip saddr 192.168.0.0/24 oif eth0 snat 192.168.1.2
ip saddr 192.168.0.0/24 oif eth0 snat 192.168.1.2
ip saddr 192.168.0.0/24 oif eth0 snat 192.168.1.2
ip saddr 192.168.0.0/24 oif eth0 snat 192.168.1.2
ip saddr 192.168.0.0/24 oif eth0 snat 192.168.1.2
}
chain pre {
type nat hook prerouting priority 0;
iif eth0 tcp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 udp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 tcp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 udp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 tcp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 udp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 tcp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 udp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 tcp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 udp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 tcp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 udp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 tcp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 udp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 tcp dport { 51413, 4665, 4672} dnat 192.168.0.20
iif eth0 udp dport { 51413, 4665, 4672} dnat 192.168.0.20
}
}
--
Matteo Croce
OpenWrt Developer
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
