Enable /proc/sys/net/ipv4/conf/INTERFACE/forwarding on NAT

Fix #76
oblique 2015-05-02 02:19:25 +03:00
parent f45e224996
commit 3f08801967


@ -613,6 +613,20 @@ _cleanup() {
rm -rf $CONFDIR rm -rf $CONFDIR
local found=0
for x in $(list_running_conf); do
if [[ -f $x/nat_internet_iface && $(cat $x/nat_internet_iface) == $INTERNET_IFACE ]]; then
found=1
break
fi
done
if [[ $found -eq 0 ]]; then
cp -f $COMMON_CONFDIR/${INTERNET_IFACE}_forwarding \
/proc/sys/net/ipv4/conf/$INTERNET_IFACE/forwarding
rm -f $COMMON_CONFDIR/${INTERNET_IFACE}_forwarding
fi
# if we are the last create_ap instance then set back the common values # if we are the last create_ap instance then set back the common values
if ! has_running_instance; then if ! has_running_instance; then
# kill common processes # kill common processes
@ -730,22 +744,28 @@ clean_exit() {
exit 0 exit 0
} }
list_running() { list_running_conf() {
local PID IFACE x local x
mutex_lock mutex_lock
for x in /tmp/create_ap.*; do for x in /tmp/create_ap.*; do
if [[ -f $x/pid ]]; then if [[ -f $x/pid && -d /proc/$(cat $x/pid) ]]; then
PID=$(cat $x/pid) echo $x
if [[ -d /proc/$PID ]]; then
IFACE=${x#*.}
IFACE=${IFACE%%.*}
echo $PID $IFACE
fi
fi fi
done done
mutex_unlock mutex_unlock
} }
list_running() {
local IFACE x
mutex_lock
for x in $(list_running_conf); do
IFACE=${x#*.}
IFACE=${IFACE%%.*}
echo $(cat $x/pid) $IFACE
done
mutex_unlock
}
has_running_instance() { has_running_instance() {
local PID x local PID x
@ -1133,6 +1153,11 @@ chmod 444 $CONFDIR/pid
COMMON_CONFDIR=/tmp/create_ap.common.conf COMMON_CONFDIR=/tmp/create_ap.common.conf
mkdir -p $COMMON_CONFDIR mkdir -p $COMMON_CONFDIR
if [[ "$SHARE_METHOD" == "nat" ]]; then
echo $INTERNET_IFACE > $CONFDIR/nat_internet_iface
cp -n /proc/sys/net/ipv4/conf/$INTERNET_IFACE/forwarding \
$COMMON_CONFDIR/${INTERNET_IFACE}_forwarding
fi
cp -n /proc/sys/net/ipv4/ip_forward $COMMON_CONFDIR cp -n /proc/sys/net/ipv4/ip_forward $COMMON_CONFDIR
if [[ -e /proc/sys/net/bridge/bridge-nf-call-iptables ]]; then if [[ -e /proc/sys/net/bridge/bridge-nf-call-iptables ]]; then
cp -n /proc/sys/net/bridge/bridge-nf-call-iptables $COMMON_CONFDIR cp -n /proc/sys/net/bridge/bridge-nf-call-iptables $COMMON_CONFDIR
@ -1287,6 +1312,7 @@ if [[ "$SHARE_METHOD" != "none" ]]; then
iptables -t nat -I POSTROUTING -o ${INTERNET_IFACE} -s ${GATEWAY%.*}.0/24 -j MASQUERADE || die iptables -t nat -I POSTROUTING -o ${INTERNET_IFACE} -s ${GATEWAY%.*}.0/24 -j MASQUERADE || die
iptables -I FORWARD -i ${WIFI_IFACE} -s ${GATEWAY%.*}.0/24 -j ACCEPT || die iptables -I FORWARD -i ${WIFI_IFACE} -s ${GATEWAY%.*}.0/24 -j ACCEPT || die
iptables -I FORWARD -i ${INTERNET_IFACE} -d ${GATEWAY%.*}.0/24 -j ACCEPT || die iptables -I FORWARD -i ${INTERNET_IFACE} -d ${GATEWAY%.*}.0/24 -j ACCEPT || die
echo 1 > /proc/sys/net/ipv4/conf/$INTERNET_IFACE/forwarding || die
echo 1 > /proc/sys/net/ipv4/ip_forward || die echo 1 > /proc/sys/net/ipv4/ip_forward || die
# to enable clients to establish PPTP connections we must # to enable clients to establish PPTP connections we must
# load nf_nat_pptp module # load nf_nat_pptp module
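Review bot: The restore step added to `_cleanup` writes the contents of `$COMMON_CONFDIR/${INTERNET_IFACE}_forwarding` into `/proc/sys/net/ipv4/conf/$INTERNET_IFACE/forwarding`, but that file sits under the fixed path `/tmp/create_ap.common.conf`, and both `mkdir -p` and `cp -n` silently accept a directory or file that already exists, so the value restored (presumably as root) is not guaranteed to be the one this script saved. The `found` loop has the same trust problem, because `list_running_conf` accepts any `/tmp/create_ap.*` directory whose `pid` file names a live process and `_cleanup` then reads `nat_internet_iface` from it. I would keep this state in a root-owned directory outside `/tmp`, or at least check ownership of the directory and restore only when the saved content is exactly `0` or `1`. Separately, the restore block is not guarded by the share method the way the save in the startup hunk is, so for non-NAT runs `cp -f` is pointed at a file that was never saved; `if [[ "$SHARE_METHOD" == "nat" && $found -eq 0 ]]; then` with `"$INTERNET_IFACE"` quoted would cover that. `_cleanup` starts and ends outside the hunk.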