freifunk: improve nat rules
This commit is contained in:
parent
4ee1e24064
commit
8adb86f47a
|
@ -44,8 +44,9 @@ in {
|
||||||
# Setup routing into Freifunk,
|
# Setup routing into Freifunk,
|
||||||
# masquerading anything that isn't already their IP range
|
# masquerading anything that isn't already their IP range
|
||||||
extraCommands = ''
|
extraCommands = ''
|
||||||
set +e
|
${pkgs.iproute}/bin/ip rule del priority 300 || true
|
||||||
${pkgs.iproute}/bin/ip rule add to 10.200.0.0/16 table bmx priority 300
|
${pkgs.iproute}/bin/ip rule add to 10.200.0.0/16 table bmx priority 300
|
||||||
|
${pkgs.iptables}/bin/iptables -t nat -F POSTROUTING
|
||||||
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING \
|
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING \
|
||||||
\! --source 10.200.0.0/15 -o ${meshInterface} -j SNAT --to 10.200.${ddmeshAddrPart}
|
\! --source 10.200.0.0/15 -o ${meshInterface} -j SNAT --to 10.200.${ddmeshAddrPart}
|
||||||
set -e
|
set -e
|
||||||
|
|
Loading…
Reference in New Issue