- iptables_red
-
- # Custom prerouting chains (for transparent proxy and port forwarding)
- /sbin/iptables -t nat -N SQUID
- /sbin/iptables -t nat -A PREROUTING -j SQUID
- /sbin/iptables -t nat -N NAT_DESTINATION
- /sbin/iptables -t nat -N NAT_SOURCE
- /sbin/iptables -t nat -A PREROUTING -j NAT_DESTINATION
- /sbin/iptables -t nat -I POSTROUTING 3 -j NAT_SOURCE
-
-
-
- # upnp chain for our upnp daemon
- /sbin/iptables -t nat -N UPNPFW
- /sbin/iptables -t nat -A PREROUTING -j UPNPFW
- /sbin/iptables -N UPNPFW
- /sbin/iptables -A FORWARD -m conntrack --ctstate NEW -j UPNPFW
-
- # Postrouting rules (for port forwarding)
- /sbin/iptables -t nat -A POSTROUTING -m mark --mark 1 -j SNAT --to-source $GREEN_ADDRESS
- if [ "$BLUE_DEV" != "" ]; then
- /sbin/iptables -t nat -A POSTROUTING -m mark --mark 2 -j SNAT --to-source $BLUE_ADDRESS
+ iptables -N FORWARDFW
+ iptables -A FORWARD -j FORWARDFW
+
+ # SNAT rules
+ iptables -t nat -N NAT_SOURCE
+ iptables -t nat -A POSTROUTING -j NAT_SOURCE
+
+ # Custom prerouting chains (for transparent proxy)
+ iptables -t nat -N SQUID
+ iptables -t nat -A PREROUTING -j SQUID
+
+ # DNAT rules
+ iptables -t nat -N NAT_DESTINATION
+ iptables -t nat -A PREROUTING -j NAT_DESTINATION
+ iptables -t nat -A OUTPUT -j NAT_DESTINATION
+
+ iptables -t mangle -N NAT_DESTINATION
+ iptables -t mangle -A PREROUTING -j NAT_DESTINATION
+
+ iptables -t nat -N NAT_DESTINATION_FIX
+ iptables -t nat -A POSTROUTING -j NAT_DESTINATION_FIX
+
+ iptables -t nat -A NAT_DESTINATION_FIX \
+ -m mark --mark 1 -j SNAT --to-source "${GREEN_ADDRESS}"
+
+ if [ -n "${BLUE_ADDRESS}" ]; then
+ iptables -t nat -A NAT_DESTINATION_FIX \
+ -m mark --mark 2 -j SNAT --to-source "${BLUE_ADDRESS}"