iptables: Cleanup creating SNAT/DNAT chains.

author Michael Tremer <michael.tremer@ipfire.org>

Mon, 8 Jul 2013 13:53:30 +0000 (15:53 +0200)

committer Michael Tremer <michael.tremer@ipfire.org>

Fri, 9 Aug 2013 12:15:33 +0000 (14:15 +0200)
author Michael Tremer <michael.tremer@ipfire.org>
Mon, 8 Jul 2013 13:53:30 +0000 (15:53 +0200)
committer Michael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:15:33 +0000 (14:15 +0200)
diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall

index 772701eae1a736d56adce5cf3c7cd6002c26a8cc..3f181b1380aa05ee5a76b267932a2716e97a6e66 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -178,17 +178,19 @@ iptables_init() {
         /sbin/iptables -t nat -A POSTROUTING -j REDNAT
  
         iptables_red
-               
-       # Custom prerouting chains (for transparent proxy and port forwarding)
+
+       # Custom prerouting chains (for transparent proxy)
         /sbin/iptables -t nat -N SQUID
         /sbin/iptables -t nat -A PREROUTING -j SQUID
+
+       # DNAT rules
         /sbin/iptables -t nat -N NAT_DESTINATION
-       /sbin/iptables -t nat -N NAT_SOURCE
         /sbin/iptables -t nat -A PREROUTING -j NAT_DESTINATION
-       /sbin/iptables -t nat -I POSTROUTING 3 -j NAT_SOURCE
-       
-       
-       
+
+       # SNAT rules
+       /sbin/iptables -t nat -N NAT_SOURCE
+       /sbin/iptables -t nat -A POSTROUTING -j NAT_SOURCE
+
         # upnp chain for our upnp daemon
         /sbin/iptables -t nat -N UPNPFW
         /sbin/iptables -t nat -A PREROUTING -j UPNPFW
author	Michael Tremer <michael.tremer@ipfire.org>
	Mon, 8 Jul 2013 13:53:30 +0000 (15:53 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Fri, 9 Aug 2013 12:15:33 +0000 (14:15 +0200)