Annotation of embedaddon/dnsmasq/contrib/port-forward/dnsmasq-portforward, revision 1.1
1.1 ! misho 1: #!/bin/bash
! 2: #
! 3: # /usr/sbin/dnsmasq-portforward
! 4: #
! 5: # A script which gets run when the dnsmasq DHCP lease database changes.
! 6: # It logs to $LOGFILE, if it exists, and maintains port-forwards using
! 7: # IP-tables so that they always point to the correct host. See
! 8: # $PORTSFILE for details on configuring this. dnsmasq must be version 2.34
! 9: # or later.
! 10: #
! 11: # To enable this script, add
! 12: # dhcp-script=/usr/sbin/dnsmasq-portforward
! 13: # to /etc/dnsmasq.conf
! 14: #
! 15: # To enable logging, touch $LOGFILE
! 16: #
! 17:
! 18: PORTSFILE=/etc/portforward
! 19: LOGFILE=/var/log/dhcp.log
! 20: IPTABLES=/sbin/iptables
! 21:
! 22: action=${1:-0}
! 23: hostname=${4}
! 24:
! 25: # log what's going on.
! 26: if [ -f ${LOGFILE} ] ; then
! 27: date +"%D %T $*" >>${LOGFILE}
! 28: fi
! 29:
! 30: # If a lease gets stripped of a name, we see that as an "old" action
! 31: # with DNSMASQ_OLD_HOSTNAME set, convert it into a "del"
! 32: if [ ${DNSMASQ_OLD_HOSTNAME} ] && [ ${action} = old ] ; then
! 33: action=del
! 34: hostname=${DNSMASQ_OLD_HOSTNAME}
! 35: fi
! 36:
! 37: # IPv6 leases are not our concern. no NAT there!
! 38: if [ ${DNSMASQ_IAID} ] ; then
! 39: exit 0
! 40: fi
! 41:
! 42: # action init is not relevant, and will only be seen when leasefile-ro is set.
! 43: if [ ${action} = init ] ; then
! 44: exit 0
! 45: fi
! 46:
! 47: # action tftp is not relevant.
! 48: if [ ${action} = tftp ] ; then
! 49: exit 0
! 50: fi
! 51:
! 52: if [ ${hostname} ]; then
! 53: ports=$(sed -n -e "/^${hostname}\ .*/ s/^.* //p" ${PORTSFILE})
! 54:
! 55: for port in $ports; do
! 56: verb=removed
! 57: protocol=tcp
! 58: if [ ${port:0:1} = u ] ; then
! 59: protocol=udp
! 60: port=${port/u/}
! 61: fi
! 62: src=${port/:*/}
! 63: dst=${port/*:/}
! 64: # delete first, to avoid multiple copies of rules.
! 65: ${IPTABLES} -t nat -D PREROUTING -p $protocol --destination-port $src -j DNAT --to-destination ${3}:$dst
! 66: if [ ${action} != del ] ; then
! 67: ${IPTABLES} -t nat -A PREROUTING -p $protocol --destination-port $src -j DNAT --to-destination ${3}:$dst
! 68: verb=added
! 69: fi
! 70: if [ -f ${LOGFILE} ] ; then
! 71: echo " DNAT $protocol $src to ${3}:$dst ${verb}." >>${LOGFILE}
! 72: fi
! 73: done
! 74: fi
! 75:
! 76: exit 0
! 77:
! 78:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to dnsmasq-portforward CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / contrib / port-forward