add upstream.port-forwarding
This commit is contained in:
parent
2a1b30253c
commit
a9142187f2
|
@ -4,3 +4,8 @@ upstream:
|
|||
up-bandwidth: 6200
|
||||
flow-keys: nfct-src
|
||||
flows: 2048
|
||||
|
||||
port-forwarding:
|
||||
- proto: udp
|
||||
port: 1194
|
||||
to: 172.20.74.9:1194
|
||||
|
|
|
@ -28,6 +28,7 @@ base:
|
|||
'upstream2':
|
||||
- upstream.6slac
|
||||
- upstream.nat66
|
||||
- upstream.port-forwarding
|
||||
'anon*':
|
||||
- no-ssh
|
||||
- forwarding
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
#!/bin/sh
|
||||
|
||||
if [ "$IFACE" = "{{ interface }}" ]; then
|
||||
{%- for fwd in ports %}
|
||||
iptables -t nat -A PREROUTING -i {{ interface }} -p {{ fwd.proto }} --dport {{ fwd.port }} -j DNAT --to-destination {{ fwd.to }}
|
||||
{%- endfor %}
|
||||
fi
|
|
@ -0,0 +1,13 @@
|
|||
{%- set interface = pillar['upstream']['interface'] %}
|
||||
{%- set ports = pillar['port-forwarding'] %}
|
||||
|
||||
/etc/network/if-up.d/port-forwarding:
|
||||
file.managed:
|
||||
- source: salt://upstream/port-forwarding
|
||||
- template: 'jinja'
|
||||
- context:
|
||||
interface: {{ interface }}
|
||||
ports: {{ ports }}
|
||||
- mode: 755
|
||||
- require:
|
||||
- pkg: iptables
|
Loading…
Reference in New Issue