diff options
Diffstat (limited to 'core/modules/printergui')
| -rwxr-xr-x | core/modules/printergui/data/opt/openslx/iptables/rules.d/50-lpd-redirect-and-fw | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/core/modules/printergui/data/opt/openslx/iptables/rules.d/50-lpd-redirect-and-fw b/core/modules/printergui/data/opt/openslx/iptables/rules.d/50-lpd-redirect-and-fw index c0b724a2..0a7d0a9a 100755 --- a/core/modules/printergui/data/opt/openslx/iptables/rules.d/50-lpd-redirect-and-fw +++ b/core/modules/printergui/data/opt/openslx/iptables/rules.d/50-lpd-redirect-and-fw @@ -1,8 +1,18 @@ #!/bin/ash -# Close from outside -iptables -A INPUT -i br0 -p tcp --dport 515 -j DROP -iptables -A INPUT -i br0 -p tcp --dport 5515 -j DROP # Redirect from VM to lpd -iptables -t nat -A PREROUTING -s 192.168.0.0/16 -p tcp --dport 515 -j REDIRECT --to-port 5515 +for br in br0 nat1 vsw2; do + [ -d "/sys/class/net/${br}/brif" ] || continue + devs=$(ls -1 "/sys/class/net/${br}/brif/") + for dev in $devs; do + case "$dev" in eth?|eth??|tun?|tun??) continue ;; esac + iptables -t nat -A PREROUTING -m physdev --physdev-in "$dev" -d 192.168.101.1 -p tcp --dport 515 -j REDIRECT --to-port 5515 + iptables -t nat -A PREROUTING -m physdev --physdev-in "$dev" -d 100.100.100.100 -p tcp --dport 515 -j REDIRECT --to-port 5515 + iptables -A INPUT -m physdev --physdev-in "$dev" -p tcp --dport 5515 -j ACCEPT + done +done +# Close from outside +iptables -A INPUT -p tcp --dport 515 -j DROP +iptables -A INPUT -p tcp --dport 5515 -j DROP +exit 0 |