author | Simon Rettberg | 2014-01-17 19:39:39 +0100 |
---|---|---|
committer | Simon Rettberg | 2014-01-17 19:39:39 +0100 |
commit | bb0282a103944c6e81d43bc09151b8510e6482ce (patch) | |
tree | c2e4343f4c32f952e0d08893919f6d182692fe28 /remote/modules/redsocks | |
parent | Merge branch 'master' of simonslx:openslx-ng/tm-scripts (diff) | |
download | tm-scripts-bb0282a103944c6e81d43bc09151b8510e6482ce.tar.gz tm-scripts-bb0282a103944c6e81d43bc09151b8510e6482ce.tar.xz tm-scripts-bb0282a103944c6e81d43bc09151b8510e6482ce.zip |
Make some modules use iptables-helper
Diffstat (limited to 'remote/modules/redsocks')
-rw-r--r-- | remote/modules/redsocks/data/etc/systemd/system/redsocks.service | 3 | ||||
-rwxr-xr-x | remote/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy | 14 |
2 files changed, 12 insertions, 5 deletions
diff --git a/remote/modules/redsocks/data/etc/systemd/system/redsocks.service b/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
index ab10aa55..a1c2b089 100644
--- a/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
+++ b/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
@@ -7,5 +7,6 @@ Type=forking
 User=redsocks
 PIDFile=/run/redsocks/redsocks.pid
 ExecStart=/sbin/redsocks -c /etc/redsocks.conf -p /run/redsocks/redsocks.pid
-ExecStopPost=/bin/rm /run/redsocks/redsocks.pid
+ExecStopPost=/bin/rm -f /run/redsocks/redsocks.pid
+ExecStopPost=/bin/rm -f /opt/openslx/iptables/rules.d/10-redoscks-proxy
 Restart=on-abort
diff --git a/remote/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy b/remote/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy
index 4f802f53..94cb7688 100755
--- a/remote/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy
+++ b/remote/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy
@@ -29,8 +29,12 @@ mkdir -p /run/redsocks
 chown redsocks:redsocks /run/redsocks
 systemctl start redsocks
+cat > "/opt/openslx/iptables/rules.d/10-redoscks-proxy" <<HEREDOCBROWN
+#!/bin/ash
+. /opt/openslx/config
+
 iptables -t nat -N REDSOCKS
-iptables -t nat -A REDSOCKS -d "$SLX_PROXY_IP" -j RETURN
+iptables -t nat -A REDSOCKS -d "\$SLX_PROXY_IP" -j RETURN
 iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
 iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
 iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
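Review bot: In `redsocks.service`, the added `ExecStopPost=/bin/rm -f /opt/openslx/iptables/rules.d/10-redoscks-proxy` is subject to `User=redsocks` like every other Exec line, unless the part of the unit above the hunk sets `PermissionsStartOnly=true`. If the rules directory is root-owned, the removal fails with a permission error that `-f` does not suppress, and the redirect rules outlive the proxy. If the directory is instead writable by `redsocks`, the service account can drop files that the iptables helper presumably executes with root privileges. Keep the directory root-only and run the cleanup privileged, for example by adding `PermissionsStartOnly=true` to the `[Service]` section. The file name is spelled `10-redoscks-proxy` here and in the setup script; that is consistent, but the transposition makes the file easy to miss when searching for `redsocks`.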
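Review bot: The heredoc opened in `systemd-setup_proxy` by `cat > "/opt/openslx/iptables/rules.d/10-redoscks-proxy" <<HEREDOCBROWN` has an unquoted delimiter, so the generating shell still expands the body and every `$` has to be escaped by hand (`\$SLX_PROXY_IP` here, `\$SLX_PROXY_BLACKLIST` and `\$ADDR` in the next hunk). An expansion that is missed, or added later without the backslash, is evaluated once when the setup script runs and frozen into the rules file, and a command substitution in the body would run at generation time. Quoting the delimiter, `<<'HEREDOCBROWN'`, makes the body literal; the backslashes must then be dropped again. The generated file sources `/opt/openslx/config` every time it is run, presumably as root, so that file should be writable by root only. The heredoc body continues past the end of this hunk.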
@@ -39,9 +43,9 @@ iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
 iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
 iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
 iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
-if [ -n "$SLX_PROXY_BLACKLIST" ]; then
- for ADDR in $SLX_PROXY_BLACKLIST; do
- iptables -t nat -A REDSOCKS -d "$ADDR" -j RETURN
+if [ -n "\$SLX_PROXY_BLACKLIST" ]; then
+ for ADDR in \$SLX_PROXY_BLACKLIST; do
+ iptables -t nat -A REDSOCKS -d "\$ADDR" -j RETURN
 done
 fi
 iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-port 12345
@@ -49,4 +53,6 @@ iptables -t nat -A PREROUTING -p tcp -j REDSOCKS
 iptables -t nat -A OUTPUT -p tcp -j REDSOCKS
 iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
 iptables -A INPUT -i br0 -p tcp --dport 12345 -j DROP
+HEREDOCBROWN
+chmod +x "/opt/openslx/iptables/rules.d/10-redoscks-proxy"
|
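Review bot: In the last hunk, the rules file is written in place by the `cat >` that opens the heredoc and only made executable afterwards by `chmod +x "/opt/openslx/iptables/rules.d/10-redoscks-proxy"`, with no check that the write succeeded. If the iptables helper reacts to changes in `rules.d` (its behaviour is not visible here), it can see a partial or not-yet-executable file, and the bypass and redirect rules would then be applied incompletely or not at all. Build the file under a temporary name the helper ignores on the same filesystem and publish it in one step, e.g. `chmod +x "$tmp" && mv -f "$tmp" "/opt/openslx/iptables/rules.d/10-redoscks-proxy"`, where `$tmp` is a placeholder for that path. The rules are also no longer installed by this script itself, so a comment above the heredoc saying who applies and removes them would help the next reader.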