don't reload firewall-cmd until all commands are added/deleted

Oracle Public Cloud User 2024-02-14 18:19:40 +00:00
parent 5e22dcadf1
commit 03290d7a8d


@ -14,7 +14,6 @@ add_NAT_forwarding() {
forward_to_port="$6" forward_to_port="$6"
firewall-cmd --add-rich-rule "rule family=\"ipv4\" destination address=\"$original_destination_ip\" forward-port port=\"$original_destination_port\" protocol=\"$tcp_or_udp\" to-addr=\"$forward_to_ip\" to-port=\"$forward_to_port\"" --permanent > /dev/null firewall-cmd --add-rich-rule "rule family=\"ipv4\" destination address=\"$original_destination_ip\" forward-port port=\"$original_destination_port\" protocol=\"$tcp_or_udp\" to-addr=\"$forward_to_ip\" to-port=\"$forward_to_port\"" --permanent > /dev/null
firewall-cmd --reload > /dev/null
echo "+ [$interface_source][$tcp_or_udp] $original_destination_ip:$original_destination_port --> $forward_to_ip:$forward_to_port" echo "+ [$interface_source][$tcp_or_udp] $original_destination_ip:$original_destination_port --> $forward_to_ip:$forward_to_port"
} }
@ -33,7 +32,6 @@ remove_NAT_forwarding() {
forward_to_port="$6" forward_to_port="$6"
firewall-cmd --remove-rich-rule "rule family=\"ipv4\" destination address=\"$original_destination_ip\" forward-port port=\"$original_destination_port\" protocol=\"$tcp_or_udp\" to-addr=\"$forward_to_ip\" to-port=\"$forward_to_port\"" --permanent > /dev/null firewall-cmd --remove-rich-rule "rule family=\"ipv4\" destination address=\"$original_destination_ip\" forward-port port=\"$original_destination_port\" protocol=\"$tcp_or_udp\" to-addr=\"$forward_to_ip\" to-port=\"$forward_to_port\"" --permanent > /dev/null
firewall-cmd --reload > /dev/null
echo "- [$interface_source][$tcp_or_udp] $original_destination_ip:$original_destination_port --> $forward_to_ip:$forward_to_port" echo "- [$interface_source][$tcp_or_udp] $original_destination_ip:$original_destination_port --> $forward_to_ip:$forward_to_port"
} }
@ -78,4 +76,6 @@ for rule in "${RULES[@]}"; do
esac esac
done done
firewall-cmd --reload > /dev/null
echo -e "\nDone! Don't forget to add/remove the rules in the security list." echo -e "\nDone! Don't forget to add/remove the rules in the security list."
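Review bot: The `firewall-cmd --reload > /dev/null` added after the `done` of the rule loop does not check its exit status, so the `Done!` line is printed even if the reload fails and the runtime firewall still differs from the permanent configuration that was just edited. Since this is now the only point where the changes take effect, I would make the failure visible, e.g. `firewall-cmd --reload > /dev/null || { echo "firewall-cmd --reload failed: permanent rules changed, runtime unchanged" >&2; exit 1; }`. The same applies to the `--permanent` calls in add_NAT_forwarding and remove_NAT_forwarding, which echo the `+`/`-` line whether or not the rule was accepted; an `|| return 1` after each would keep the summary honest. The loop and both function bodies start outside the hunks, so whether `set -e` is in effect is not visible here.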