X-Git-Url: https://iankelling.org/git/?p=distro-setup;a=blobdiff_plain;f=vpn-mail-forward;h=7965263cebae29eb071eca2ba417faff935c9c31;hp=9a86e690bb29f3916121c3ec15e86ef79f19dcd1;hb=79b274fcd8bfa556133ab13270e84b40aebe8468;hpb=e893484a0470843582699dc41fe9d69388c63c02

diff --git a/vpn-mail-forward b/vpn-mail-forward
index 9a86e69..7965263 100755
--- a/vpn-mail-forward
+++ b/vpn-mail-forward
@@ -2,15 +2,19 @@
 
 set -eE -o pipefail
 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
-
+m() { printf "%s\n" "$*";  "$@"; }
+gw=$(/usr/sbin/ip route | sed -rn 's/^default via .* dev (\S+).*/\1/p')
 do-forward() {
     cmd=$1; shift
     for port; do
-        /sbin/iptables -t nat $cmd PREROUTING -i eth0 -p tcp -m tcp --dport $port -j DNAT --to-destination 10.8.0.4:$port
+        m /sbin/iptables -t nat $cmd PREROUTING -i $gw -p tcp -m tcp --dport $port -j DNAT --to-destination 10.8.0.4:$port
+        # we could leave these on all the time but its convenient to do it here
     done
+    m /sbin/iptables $cmd FORWARD -i tun+ -o $gw -j ACCEPT
+    m /sbin/iptables $cmd FORWARD -i $gw -o tun+ -j ACCEPT
 }
 
-ports=(25 993)
+ports=(25 143 587)
 case $1 in
     start)
         do-forward -A ${ports[@]}