-rwxr-xr-xmisc/setup_routing.sh8
1 files changed, 8 insertions, 0 deletions
diff --git a/misc/setup_routing.sh b/misc/setup_routing.sh
index e11d5ee..6ca904f 100755
--- a/misc/setup_routing.sh
+++ b/misc/setup_routing.sh
@@ -153,6 +153,14 @@ function nat_setup() {
ip addr show dev lo | grep -q "$ip4_public/32" || $DRY ip addr add $ip4_public/32 dev lo
+ # Remove PRE/POST old rules for the same ip4_public but wrong ip4_nexthop
+ # (happens if active service is updated, new equipement)
+ ruleno_pre=$(iptables -t nat -L PREROUTING -n --line-numbers | grep " $ip4_public " | grep -vE "to:$ip4_nexthop$" | cut -d' ' -f1 | head -n1)
+ [ -n "$ruleno_pre" ] && $DRY iptables -t nat -D PREROUTING $ruleno_pre
+ ruleno_post=$(iptables -t nat -L POSTROUTING -n --line-numbers | grep -E "to:$ip4_public$" | grep -v " $ip4_nexthop " | cut -d' ' -f1 | head -n1)
+ [ -n "$ruleno_post" ] && $DRY iptables -t nat -D POSTROUTING $ruleno_post
+
+ # Insert PRE/POST rules if not already there
iptables -t nat -L PREROUTING -n --line-numbers | grep -E "to:$ip4_nexthop$" -q \
|| $DRY iptables -t nat -A PREROUTING -d $ip4_public -j DNAT --to-destination $ip4_nexthop
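Review bot: The two stale-rule lookups put `$ip4_public` and `$ip4_nexthop` into grep patterns, where every `.` matches any character, so a rule for a different address that happens to fit the pattern can be picked and then removed by `iptables -t nat -D`. Comparing the fields as plain strings avoids that, e.g. `ruleno_pre=$(iptables -t nat -L PREROUTING -n --line-numbers | awk -v ip="$ip4_public" -v to="to:$ip4_nexthop" '$6 == ip && $NF != to { print $1; exit }')` (field positions should be checked against the real listing), with `"$ruleno_pre"` and `"$ruleno_post"` quoted in the `-D` calls. Deleting by line number is also fragile if the chain changes between the listing and the delete, and `head -n1` removes only one stale rule per run, so several leftovers would need several runs. The body of nat_setup starts and continues outside this hunk.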