fix: multiple nns could cause removal of nat iptables rule

author Ian Kelling <iank@fsf.org>

Tue, 10 Nov 2020 20:00:00 +0000 (15:00 -0500)

committer Ian Kelling <iank@fsf.org>

Tue, 10 Nov 2020 20:00:00 +0000 (15:00 -0500)
author Ian Kelling <iank@fsf.org>
Tue, 10 Nov 2020 20:00:00 +0000 (15:00 -0500)
committer Ian Kelling <iank@fsf.org>
Tue, 10 Nov 2020 20:00:00 +0000 (15:00 -0500)
diff --git a/newns b/newns

index a3a932511a5b326967208bcd8f8f3b707d7beb0e..894ac310b2963866328fe545b20ced78e1d2ceab 100755 (executable)
--- a/newns
+++ b/newns
@@ -192,7 +192,7 @@ fi
  
  nat() {
    for if in ${gateway_ifs[@]}; do
-    dexec iptables -t nat $1 POSTROUTING -o $if -j MASQUERADE \
+    dexec iptables -t nat $1 POSTROUTING -s $network.0/24 -o $if -j MASQUERADE \
            -m comment --comment "systemd network namespace nat"
    done
  }
author	Ian Kelling <iank@fsf.org>
	Tue, 10 Nov 2020 20:00:00 +0000 (15:00 -0500)
committer	Ian Kelling <iank@fsf.org>
	Tue, 10 Nov 2020 20:00:00 +0000 (15:00 -0500)