File:
[ELWIX - Embedded LightWeight unIX -] /
embedaddon /
dnsmasq /
contrib /
port-forward /
dnsmasq-portforward
Revision
1.1.1.1 (vendor branch):
download - view:
text,
annotated -
select for diffs -
revision graph
Mon Jul 29 19:37:40 2013 UTC (11 years, 1 month ago) by
misho
Branches:
elwix,
dnsmasq,
MAIN
CVS tags:
v8_2p1,
v2_84,
v2_76p1,
v2_71,
v2_66p0,
v2_66,
HEAD
dnsmasq
1: #!/bin/bash
2: #
3: # /usr/sbin/dnsmasq-portforward
4: #
5: # A script which gets run when the dnsmasq DHCP lease database changes.
6: # It logs to $LOGFILE, if it exists, and maintains port-forwards using
7: # IP-tables so that they always point to the correct host. See
8: # $PORTSFILE for details on configuring this. dnsmasq must be version 2.34
9: # or later.
10: #
11: # To enable this script, add
12: # dhcp-script=/usr/sbin/dnsmasq-portforward
13: # to /etc/dnsmasq.conf
14: #
15: # To enable logging, touch $LOGFILE
16: #
17:
18: PORTSFILE=/etc/portforward
19: LOGFILE=/var/log/dhcp.log
20: IPTABLES=/sbin/iptables
21:
22: action=${1:-0}
23: hostname=${4}
24:
25: # log what's going on.
26: if [ -f ${LOGFILE} ] ; then
27: date +"%D %T $*" >>${LOGFILE}
28: fi
29:
30: # If a lease gets stripped of a name, we see that as an "old" action
31: # with DNSMASQ_OLD_HOSTNAME set, convert it into a "del"
32: if [ ${DNSMASQ_OLD_HOSTNAME} ] && [ ${action} = old ] ; then
33: action=del
34: hostname=${DNSMASQ_OLD_HOSTNAME}
35: fi
36:
37: # IPv6 leases are not our concern. no NAT there!
38: if [ ${DNSMASQ_IAID} ] ; then
39: exit 0
40: fi
41:
42: # action init is not relevant, and will only be seen when leasefile-ro is set.
43: if [ ${action} = init ] ; then
44: exit 0
45: fi
46:
47: # action tftp is not relevant.
48: if [ ${action} = tftp ] ; then
49: exit 0
50: fi
51:
52: if [ ${hostname} ]; then
53: ports=$(sed -n -e "/^${hostname}\ .*/ s/^.* //p" ${PORTSFILE})
54:
55: for port in $ports; do
56: verb=removed
57: protocol=tcp
58: if [ ${port:0:1} = u ] ; then
59: protocol=udp
60: port=${port/u/}
61: fi
62: src=${port/:*/}
63: dst=${port/*:/}
64: # delete first, to avoid multiple copies of rules.
65: ${IPTABLES} -t nat -D PREROUTING -p $protocol --destination-port $src -j DNAT --to-destination ${3}:$dst
66: if [ ${action} != del ] ; then
67: ${IPTABLES} -t nat -A PREROUTING -p $protocol --destination-port $src -j DNAT --to-destination ${3}:$dst
68: verb=added
69: fi
70: if [ -f ${LOGFILE} ] ; then
71: echo " DNAT $protocol $src to ${3}:$dst ${verb}." >>${LOGFILE}
72: fi
73: done
74: fi
75:
76: exit 0
77:
78:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>