-
- # Custom prerouting chains (for transparent proxy and port forwarding)
- /sbin/iptables -t nat -N SQUID
- /sbin/iptables -t nat -A PREROUTING -j SQUID
- /sbin/iptables -t nat -N NAT_DESTINATION
- /sbin/iptables -t nat -N NAT_SOURCE
- /sbin/iptables -t nat -A PREROUTING -j NAT_DESTINATION
- /sbin/iptables -t nat -I POSTROUTING 3 -j NAT_SOURCE
-
-
-
- # upnp chain for our upnp daemon
- /sbin/iptables -t nat -N UPNPFW
- /sbin/iptables -t nat -A PREROUTING -j UPNPFW
- /sbin/iptables -N UPNPFW
- /sbin/iptables -A FORWARD -m conntrack --ctstate NEW -j UPNPFW
-
- # Postrouting rules (for port forwarding)
- /sbin/iptables -t nat -A POSTROUTING -m mark --mark 1 -j SNAT --to-source $GREEN_ADDRESS
- if [ "$BLUE_DEV" != "" ]; then
- /sbin/iptables -t nat -A POSTROUTING -m mark --mark 2 -j SNAT --to-source $BLUE_ADDRESS
- fi
- if [ "$ORANGE_DEV" != "" ]; then
- /sbin/iptables -t nat -A POSTROUTING -m mark --mark 3 -j SNAT --to-source $ORANGE_ADDRESS
- fi