iankelling.org
/
git
/
distro-setup
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
minor fix
[distro-setup]
/
vpn-mail-forward
diff --git
a/vpn-mail-forward
b/vpn-mail-forward
index 76da42481e041fad201295ce24a2e1f875621a1d..7965263cebae29eb071eca2ba417faff935c9c31 100755
(executable)
--- a/
vpn-mail-forward
+++ b/
vpn-mail-forward
@@
-2,15
+2,19
@@
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
-
+m() { printf "%s\n" "$*"; "$@"; }
+gw=$(/usr/sbin/ip route | sed -rn 's/^default via .* dev (\S+).*/\1/p')
do-forward() {
cmd=$1; shift
for port; do
do-forward() {
cmd=$1; shift
for port; do
- /sbin/iptables -t nat $cmd PREROUTING -i eth0 -p tcp -m tcp --dport $port -j DNAT --to-destination 10.8.0.4:$port
+ m /sbin/iptables -t nat $cmd PREROUTING -i $gw -p tcp -m tcp --dport $port -j DNAT --to-destination 10.8.0.4:$port
+ # we could leave these on all the time but its convenient to do it here
done
done
+ m /sbin/iptables $cmd FORWARD -i tun+ -o $gw -j ACCEPT
+ m /sbin/iptables $cmd FORWARD -i $gw -o tun+ -j ACCEPT
}
}
-ports=(25 143)
+ports=(25 143
587
)
case $1 in
start)
do-forward -A ${ports[@]}
case $1 in
start)
do-forward -A ${ports[@]}