Update firewall to use new network interface names

This commit is contained in:
Daniel Flanagan 2022-01-31 11:59:39 -06:00
parent 351206f735
commit e65f45d4bf

View file

@ -1,4 +1,4 @@
define WAN = eth0 define WAN = wan0
define LAN = lan0 define LAN = lan0
define ROUTER_TCP_PORTS = { 22 } define ROUTER_TCP_PORTS = { 22 }
@ -43,15 +43,15 @@ table ip nat {
chain prerouting { chain prerouting {
type nat hook prerouting priority -100; policy accept; type nat hook prerouting priority -100; policy accept;
# ip daddr 10.0.0.1 tcp dport { 80, 443 } dnat to 10.0.0.10 # ip daddr 10.0.0.1 tcp dport { 80, 443 } dnat to 10.0.0.25
iifname $WAN tcp dport $FACELESS_TCP_PORTS dnat to 10.0.0.10 iifname $WAN tcp dport $FACELESS_TCP_PORTS dnat to 10.0.0.25
# iifname $WAN udp dport $FACELESS_UDP_PORTS dnat to 10.0.0.10 # iifname $WAN udp dport $FACELESS_UDP_PORTS dnat to 10.0.0.25
iifname $WAN udp dport 60000-60009 dnat to 10.0.0.10 iifname $WAN udp dport 60000-60009 dnat to 10.0.0.25
iifname $WAN tcp dport $DRAGON_TCP_PORTS dnat to 10.0.0.5 iifname $WAN tcp dport $DRAGON_TCP_PORTS dnat to 10.0.0.10
# iifname $WAN udp dport $DRAGON_UDP_PORTS dnat to 10.0.0.5 # iifname $WAN udp dport $DRAGON_UDP_PORTS dnat to 10.0.0.10
iifname $WAN udp dport 60020-60029 dnat to 10.0.0.5 iifname $WAN udp dport 60020-60029 dnat to 10.0.0.10
} }
} }