From d0ae7bac01517db1032d494792ba9d8fdf32bd87 Mon Sep 17 00:00:00 2001 From: Vadim Kurland Date: Thu, 17 Feb 2011 17:47:42 -0800 Subject: [PATCH] * NATCompiler_ipt.cpp (processNext): see #2097 #133 "support for inbound and outbound interface columns in iptables NAT rules". This also addresses SF feature requests 1954286 "DNAT with interface as condition not possible" and 621023 "manipulating interface in NAT rule". --- doc/ChangeLog | 6 + src/iptlib/NATCompiler_PrintRule.cpp | 37 +- src/iptlib/NATCompiler_ipt.cpp | 226 +- src/iptlib/NATCompiler_ipt.h | 18 +- test/ipt/cluster1_secuwall-1.fw.orig | 8 +- test/ipt/firewall-base-rulesets.fw.orig | 6 +- test/ipt/firewall-ipv6-1.fw.orig | 6 +- test/ipt/firewall-ipv6-2.fw.orig | 6 +- test/ipt/firewall-ipv6-3.fw.orig | 6 +- test/ipt/firewall-ipv6-4-1.fw.orig | 6 +- test/ipt/firewall-ipv6-4.fw.orig | 6 +- test/ipt/firewall-ipv6-5.fw.orig | 6 +- test/ipt/firewall-ipv6-6.fw.orig | 6 +- test/ipt/firewall-ipv6-7.fw.orig | 6 +- test/ipt/firewall-ipv6-8.fw.orig | 6 +- ...-ipv6-ipt-reset-prolog-after-flush.fw.orig | 6 +- ...-ipt-reset-prolog-after-interfaces.fw.orig | 6 +- ...firewall-ipv6-ipt-reset-prolog-top.fw.orig | 6 +- .../firewall-ipv6-prolog-after-flush.fw.orig | 6 +- ...ewall-ipv6-prolog-after-interfaces.fw.orig | 6 +- test/ipt/firewall-ipv6-prolog-top.fw.orig | 6 +- test/ipt/firewall-server-1-s.fw.orig | 6 +- test/ipt/firewall.fw.orig | 76 +- test/ipt/firewall1.fw.orig | 90 +- test/ipt/firewall10.fw.orig | 6 +- test/ipt/firewall11.fw.orig | 8 +- test/ipt/firewall12.fw.orig | 42 +- test/ipt/firewall13.fw.orig | 6 +- test/ipt/firewall14.fw.orig | 6 +- test/ipt/firewall15.fw.orig | 6 +- test/ipt/firewall16.fw.orig | 56 +- test/ipt/firewall17.fw.orig | 6 +- test/ipt/firewall18.fw.orig | 6 +- test/ipt/firewall19.fw.orig | 6 +- test/ipt/firewall2-1.fw.orig | 276 +- test/ipt/firewall2-2.fw.orig | 276 +- test/ipt/firewall2-3.fw.orig | 276 +- test/ipt/firewall2-4.fw.orig | 12 +- test/ipt/firewall2-5.fw.orig | 8 +- test/ipt/firewall2.fw.orig | 284 +- test/ipt/firewall20-ipv6.fw.orig | 6 +- test/ipt/firewall20.fw.orig | 18 +- test/ipt/firewall21-1.fw.orig | 14 +- test/ipt/firewall21.fw.orig | 14 +- test/ipt/firewall22.fw.orig | 10 +- test/ipt/firewall23-1.fw.orig | 6 +- test/ipt/firewall23.fw.orig | 6 +- test/ipt/firewall24.fw.orig | 6 +- test/ipt/firewall25.fw.orig | 14 +- test/ipt/firewall26.fw.orig | 14 +- test/ipt/firewall27.fw.orig | 14 +- test/ipt/firewall28.fw.orig | 6 +- test/ipt/firewall29.fw.orig | 10 +- test/ipt/firewall3.fw.orig | 6 +- test/ipt/firewall30.fw.orig | 6 +- test/ipt/firewall31.fw.orig | 6 +- test/ipt/firewall32.fw.orig | 8 +- test/ipt/firewall33-1.fw.orig | 16 +- test/ipt/firewall33.fw.orig | 24 +- test/ipt/firewall34.fw.orig | 16 +- test/ipt/firewall35.fw.orig | 16 +- test/ipt/firewall36-1.fw.orig | 6 +- test/ipt/firewall36-2.fw.orig | 6 +- test/ipt/firewall36.fw.orig | 6 +- test/ipt/firewall37-1.fw.orig | 18 +- test/ipt/firewall37.fw.orig | 18 +- test/ipt/firewall38.fw.orig | 6 +- test/ipt/firewall39.fw.orig | 18 +- test/ipt/firewall4.fw.orig | 16 +- test/ipt/firewall40-1.fw.orig | 6 +- test/ipt/firewall40-2.fw.orig | 6 +- test/ipt/firewall40.fw.orig | 6 +- test/ipt/firewall41-1.fw.orig | 12 +- test/ipt/firewall41.fw.orig | 6 +- test/ipt/firewall42.fw.orig | 6 +- test/ipt/firewall5.fw.orig | 14 +- test/ipt/firewall50.fw.orig | 6 +- test/ipt/firewall51.fw.orig | 6 +- test/ipt/firewall6.fw.orig | 32 +- test/ipt/firewall60.fw.orig | 6 +- test/ipt/firewall61-1.2.5.fw.orig | 6 +- test/ipt/firewall61-1.2.6.fw.orig | 6 +- test/ipt/firewall61-1.3.x.fw.orig | 6 +- test/ipt/firewall61-1.4.fw.orig | 6 +- test/ipt/firewall62.fw.orig | 6 +- test/ipt/firewall63.fw.orig | 6 +- test/ipt/firewall7.fw.orig | 6 +- test/ipt/firewall70.fw.orig | 6 +- test/ipt/firewall71.fw.orig | 6 +- test/ipt/firewall72-1.3.x.fw.orig | 14 +- test/ipt/firewall72-1.4.3.fw.orig | 14 +- test/ipt/firewall73.fw.orig | 6 +- test/ipt/firewall74.fw.orig | 6 +- test/ipt/firewall8.fw.orig | 6 +- test/ipt/firewall80.fw.orig | 26 +- test/ipt/firewall81.fw.orig | 18 +- test/ipt/firewall82.fw.orig | 6 +- test/ipt/firewall82_A.fw.orig | 6 +- test/ipt/firewall82_B.fw.orig | 6 +- test/ipt/firewall9.fw.orig | 6 +- test/ipt/firewall90.fw.orig | 6 +- test/ipt/firewall91.fw.orig | 6 +- test/ipt/firewall92.fw.orig | 10 +- test/ipt/firewall93.fw.orig | 6 +- test/ipt/fw-A.fw.orig | 6 +- test/ipt/fw1.fw.orig | 24 +- test/ipt/fwbuilder.fw.orig | 12 +- .../heartbeat_cluster_1_d_linux-1-d.fw.orig | 10 +- .../heartbeat_cluster_1_d_linux-2-d.fw.orig | 10 +- test/ipt/heartbeat_cluster_1_linux-1.fw.orig | 10 +- test/ipt/heartbeat_cluster_1_linux-2.fw.orig | 10 +- test/ipt/heartbeat_cluster_2_linux-1.fw.orig | 6 +- test/ipt/heartbeat_cluster_2_linux-2.fw.orig | 6 +- test/ipt/host.fw.orig | 6 +- test/ipt/objects-for-regression-tests.fwb | 17411 +++++++++------- test/ipt/openais_cluster_1_linux-1.fw.orig | 6 +- test/ipt/openais_cluster_1_linux-2.fw.orig | 6 +- test/ipt/rc.firewall.local | 2 +- test/ipt/rh90.fw.orig | 6 +- .../ipt/secuwall_cluster_1_secuwall-1.fw.orig | 6 +- test/ipt/server-cluster-1_server-1.fw.orig | 6 +- test/ipt/server-cluster-1_server-2.fw.orig | 6 +- test/ipt/test-shadowing-1.fw.orig | 6 +- test/ipt/test-shadowing-2.fw.orig | 6 +- test/ipt/test-shadowing-3.fw.orig | 6 +- test/ipt/test_fw.fw.orig | 12 +- test/ipt/vrrp_cluster_1_linux-1.fw.orig | 6 +- test/ipt/vrrp_cluster_1_linux-2.fw.orig | 6 +- test/ipt/vrrp_cluster_2_linux-1.fw.orig | 6 +- test/ipt/vrrp_cluster_2_linux-2.fw.orig | 6 +- test/ipt/vrrp_cluster_2_linux-3.fw.orig | 6 +- 131 files changed, 11222 insertions(+), 8862 deletions(-) diff --git a/doc/ChangeLog b/doc/ChangeLog index 0ec885906..1a3ea8070 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,5 +1,11 @@ 2011-02-17 vadim + * NATCompiler_ipt.cpp (processNext): see #2097 #133 "support for + inbound and outbound interface columns in iptables NAT + rules". This also addresses SF feature requests 1954286 "DNAT with + interface as condition not possible" and 621023 "manipulating + interface in NAT rule". + * platforms.cpp (setDefaultFailoverGroupAttributes): fixes #2101 "CARP interfaces are set with same advskew". When new PF cluster is created, master advskew paramerer will be set to 10 and backup diff --git a/src/iptlib/NATCompiler_PrintRule.cpp b/src/iptlib/NATCompiler_PrintRule.cpp index 43cc31c0e..709f6de35 100644 --- a/src/iptlib/NATCompiler_PrintRule.cpp +++ b/src/iptlib/NATCompiler_PrintRule.cpp @@ -195,14 +195,47 @@ string NATCompiler_ipt::PrintRule::_printRuleLabel(NATRule *rule) * check and create new chain if needed */ +QString NATCompiler_ipt::PrintRule::getInterfaceName(RuleElement *itf_re) +{ + if (itf_re->isAny()) return ""; + FWObject *iface = FWObjectReference::getObject(itf_re->front()); + QString iface_name = iface->getName().c_str(); + if (iface_name.endsWith("*")) iface_name.replace("*", "+"); + return iface_name; +} + /** *----------------------------------------------------------------------- */ string NATCompiler_ipt::PrintRule::_printChainDirectionAndInterface(NATRule *rule) { + QStringList res; + + RuleElementItfInb *itf_in_re = rule->getItfInb(); assert(itf_in_re!=NULL); + RuleElementItfOutb *itf_out_re = rule->getItfOutb(); assert(itf_out_re!=NULL); + + QString iface_in_name = getInterfaceName(itf_in_re); + QString iface_out_name = getInterfaceName(itf_out_re); + + if (rule->getStr(".iface_in") == "nil") iface_in_name = ""; + if (rule->getStr(".iface_out") == "nil") iface_out_name = ""; + + res << rule->getStr("ipt_chain").c_str(); + + if ( ! iface_in_name.isEmpty()) res << "-i" << iface_in_name; + if ( ! iface_out_name.isEmpty()) res << "-o" << iface_out_name; + + res << ""; + + return res.join(" ").toStdString(); + + + +#if 0 + // OLD SCHOOL std::ostringstream ostr; - string iface_name = rule->getInterfaceStr(); + string iface_name = rule->getInterfaceStr(); if (iface_name=="nil") iface_name=""; /* if interface name ends with '*', this is a wildcard @@ -230,8 +263,10 @@ string NATCompiler_ipt::PrintRule::_printChainDirectionAndInterface(NATRule *rul break; default: break; } + ostr << " "; return ostr.str(); +#endif } string NATCompiler_ipt::PrintRule::_printProtocol(Service *srv) diff --git a/src/iptlib/NATCompiler_ipt.cpp b/src/iptlib/NATCompiler_ipt.cpp index 7189cf83d..c0f67dc15 100644 --- a/src/iptlib/NATCompiler_ipt.cpp +++ b/src/iptlib/NATCompiler_ipt.cpp @@ -173,20 +173,12 @@ string NATCompiler_ipt::getNewTmpChainName(NATRule *rule) string NATCompiler_ipt::debugPrintRule(Rule *r) { NATRule *rule = NATRule::cast(r); - string iface_name = rule->getInterfaceStr(); - if (iface_name.empty()) - { - int iface_id = rule->getInterfaceId(); - FWObject *iface = dbcopy->findInIndex(iface_id); - if (iface) iface_name = iface->getName(); - } return NATCompiler::debugPrintRule(rule)+ - " " + FWObjectDatabase::getStringId(rule->getInterfaceId()) + " c=" + rule->getStr("ipt_chain") + " t=" + rule->getStr("ipt_target") + - " (type="+rule->getRuleTypeAsString()+")" + - " intf=" + iface_name; + " (type="+rule->getRuleTypeAsString()+")"; + } void NATCompiler_ipt::verifyPlatform() @@ -222,6 +214,57 @@ int NATCompiler_ipt::prolog() assert(iface); if ( iface->isDyn()) iface->setBool("use_var_address",true); + + if (iface->isLoopback() || + iface->isUnnumbered() || + iface->isBridgePort() + ) continue; + + /* Bug #1064: "Dedicated IPv6 interfaces show up in + * IPv4-NAT rules". Use interface only if it has addresses + * that match address family we compile for + * + * Include interfaces that have no addresses in the list + * for backwards compatibility. + */ + FWObjectTypedChildIterator ipv4_addresses = + iface->findByType(IPv4::TYPENAME); + FWObjectTypedChildIterator ipv6_addresses = + iface->findByType(IPv6::TYPENAME); + + if ((ipv6 && ipv6_addresses != ipv6_addresses.end()) || + (!ipv6 && ipv4_addresses != ipv4_addresses.end()) || + (ipv4_addresses == ipv4_addresses.end() && ipv6_addresses == ipv6_addresses.end())) + { + /* + * regular_interfaces is a set of groups of + * interfaces, where each group holds references to + * all interfaces with "similar names". The group name + * is then the base name of these interfaces with + * numeric index replaced with "*". For example: + * group "eth*" { eth0, eth1, eth2, ... } + * + * if interface name ends with '*', this is wildcard + * interface. Just replace '*' with '+'. If interace + * name does not end with '*', replace numeric + * interface index with '+'. + */ + + QString iname = QString(iface->getName().c_str()); + iname.replace(QRegExp("[0-9]{1,}$"), "+"); + iname.replace("*", "+"); + + if (regular_interfaces.count(iname) == 0) + { + FWObject *itf_group = dbcopy->create(ObjectGroup::TYPENAME); + dbcopy->add(itf_group); + itf_group->setName(iname.toStdString()); + regular_interfaces[iname] = itf_group; + } + + regular_interfaces[iname]->addRef(iface); + } + } } @@ -1201,32 +1244,41 @@ bool NATCompiler_ipt::splitMultiSrcAndDst::processNext() return true; } - switch (rule->getRuleType()) { + switch (rule->getRuleType()) + { case NATRule::NONAT: case NATRule::SNAT: case NATRule::DNAT: { // get old chain name create new chain name - string new_chain=NATCompiler_ipt::getNewTmpChainName(rule); + string new_chain = NATCompiler_ipt::getNewTmpChainName(rule); // create new rule - NATRule *r= compiler->dbcopy->createNATRule(); + NATRule *r = compiler->dbcopy->createNATRule(); compiler->temp_ruleset->add(r); r->duplicate(rule); // move existing rule onto new chain - rule->setStr("ipt_chain",new_chain); + rule->setStr("ipt_chain", new_chain); // we've already tested for interface .... - rule->setInterfaceStr("nil"); + rule->setStr(".iface_in", "nil"); + rule->setStr(".iface_out", "nil"); // new rule points to new chain, continues if no match - r->setStr("ipt_target",new_chain); + r->setStr("ipt_target", new_chain); // Now decide which way round would be best ... if (nosrc < nodst) { - rodst=r->getODst(); rodst->clearChildren(); rodst->setAnyElement(); - osrc->clearChildren(); osrc->setAnyElement(); - } else { - rosrc=r->getOSrc(); rosrc->clearChildren(); rosrc->setAnyElement(); - odst->clearChildren(); odst->setAnyElement(); + rodst= r->getODst(); + rodst->clearChildren(); + rodst->setAnyElement(); + osrc->clearChildren(); + osrc->setAnyElement(); + } else + { + rosrc = r->getOSrc(); + rosrc->clearChildren(); + rosrc->setAnyElement(); + odst->clearChildren(); + odst->setAnyElement(); } tmp_queue.push_back(r); @@ -1550,7 +1602,9 @@ bool NATCompiler_ipt::doOSrcNegation::processNext() r->setRuleType(NATRule::Return); r->setStr("ipt_target","RETURN"); r->setStr("ipt_chain",new_chain); - r->setInterfaceStr("nil"); + r->setStr(".iface_in", "nil"); + r->setStr(".iface_out", "nil"); + //r->setInterfaceStr("nil"); r->setBool("rule_added_for_osrc_neg",true); tmp_queue.push_back(r); @@ -1564,7 +1618,9 @@ bool NATCompiler_ipt::doOSrcNegation::processNext() ndst->setNeg(false); nsrv->setNeg(false); r->setStr("ipt_chain",new_chain); - r->setInterfaceStr("nil"); + r->setStr(".iface_in", "nil"); + r->setStr(".iface_out", "nil"); + //r->setInterfaceStr("nil"); r->setBool("rule_added_for_osrc_neg",true); tmp_queue.push_back(r); @@ -1628,7 +1684,9 @@ bool NATCompiler_ipt::doODstNegation::processNext() r->setRuleType(NATRule::Return); r->setStr("ipt_target","RETURN"); r->setStr("ipt_chain",new_chain); - r->setInterfaceStr("nil"); + r->setStr(".iface_in", "nil"); + r->setStr(".iface_out", "nil"); + //r->setInterfaceStr("nil"); // r->setBool("rule_added_for_odst_neg",true); tmp_queue.push_back(r); @@ -1642,7 +1700,9 @@ bool NATCompiler_ipt::doODstNegation::processNext() nsrc->setNeg(false); nsrv->setNeg(false); r->setStr("ipt_chain",new_chain); - r->setInterfaceStr("nil"); + r->setStr(".iface_in", "nil"); + r->setStr(".iface_out", "nil"); + //r->setInterfaceStr("nil"); r->setBool("rule_added_for_odst_neg",true); tmp_queue.push_back(r); @@ -1704,7 +1764,9 @@ bool NATCompiler_ipt::doOSrvNegation::processNext() r->setRuleType(NATRule::Return); r->setStr("ipt_target","RETURN"); r->setStr("ipt_chain",new_chain); - r->setInterfaceStr("nil"); + r->setStr(".iface_in", "nil"); + r->setStr(".iface_out", "nil"); + //r->setInterfaceStr("nil"); r->setBool("rule_added_for_osrv_neg",true); tmp_queue.push_back(r); @@ -1718,7 +1780,9 @@ bool NATCompiler_ipt::doOSrvNegation::processNext() nsrc->setNeg(false); ndst->setNeg(false); r->setStr("ipt_chain",new_chain); - r->setInterfaceStr("nil"); + r->setStr(".iface_in", "nil"); + r->setStr(".iface_out", "nil"); + //r->setInterfaceStr("nil"); // r->setBool("rule_added_for_osrv_neg",true); tmp_queue.push_back(r); @@ -1914,6 +1978,11 @@ bool NATCompiler_ipt::splitIfOSrcAny::processNext() tmp_queue.push_back(rule); +/* do not split if user nailed inbound interface */ + RuleElement *itf_re = rule->getItfInb(); + assert(itf_re!=NULL); + if (! itf_re->isAny()) return true; + /* do not split rules added to handle negation, these rules have "any" * in OSrc but get control only after OSrc is tested by another * rule */ @@ -2077,58 +2146,37 @@ bool NATCompiler_ipt::decideOnTarget::processNext() * because it is unnumbered, so the firewall won't translate packets * going through this interface. * + * + * NOTE: this rule processor may place groups of interfaces in inbound + * and outbound interface rule elements. Names of these groups were + * specifically constructed to match "wildcard" interface + * specifications supported by iptables, such as "eth+". Do not call + * rule processors that expand groups after AssignInterface. + * */ bool NATCompiler_ipt::AssignInterface::processNext() { NATCompiler_ipt *ipt_comp = dynamic_cast(compiler); NATRule *rule = getNext(); if (rule==NULL) return false; -// Address *a=NULL; -// FWObject *ref; + RuleElement *itf_re; - list all_interfaces = compiler->fw->getByTypeDeep(Interface::TYPENAME); + itf_re = rule->getItfInb(); + assert(itf_re!=NULL); - if (regular_interfaces.size()==0) + if ( ! itf_re->isAny()) { - for (list::iterator i=all_interfaces.begin(); i!=all_interfaces.end(); ++i) - { - Interface *iface=Interface::cast(*i); - assert(iface); + tmp_queue.push_back(rule); + return true; + } - if (iface->isLoopback() || - iface->isUnnumbered() || - iface->isBridgePort() - ) continue; + itf_re = rule->getItfOutb(); + assert(itf_re!=NULL); - /* Bug #1064: "Dedicated IPv6 interfaces show up in - * IPv4-NAT rules". Use interface only if it has addresses - * that match address family we compile for - * - * Include interfaces that have no addresses in the list - * for backwards compatibility. - */ - FWObjectTypedChildIterator ipv4_addresses = - iface->findByType(IPv4::TYPENAME); - FWObjectTypedChildIterator ipv6_addresses = - iface->findByType(IPv6::TYPENAME); - - if ((ipt_comp->ipv6 && ipv6_addresses != ipv6_addresses.end()) || - (!ipt_comp->ipv6 && ipv4_addresses != ipv4_addresses.end()) || - (ipv4_addresses == ipv4_addresses.end() && ipv6_addresses == ipv6_addresses.end())) - { - /* - * if interface name ends with '*', this is wildcard - * interface. Just replace '*' with '+'. If interace - * name does not end with '*', replace numeric - * interface index with '+'. - */ - - QString iname = QString(iface->getName().c_str()); - iname.replace(QRegExp("[0-9]{1,}$"), "+"); - iname.replace("*", "+"); - regular_interfaces.insert(iname); - } - } + if ( ! itf_re->isAny()) + { + tmp_queue.push_back(rule); + return true; } switch (rule->getRuleType()) @@ -2164,7 +2212,10 @@ bool NATCompiler_ipt::AssignInterface::processNext() // member firewall's inteface but TSrc remains // cluster interface or its address. iface = fw_iface; - rule->setInterfaceId(iface->getId()); + RuleElementItfOutb *itf_re = rule->getItfOutb(); + assert(itf_re!=NULL); + if ( ! itf_re->hasRef(iface)) itf_re->addRef(iface); + //rule->setInterfaceId(iface->getId()); tmp_queue.push_back(rule); return true; } @@ -2172,7 +2223,10 @@ bool NATCompiler_ipt::AssignInterface::processNext() { // parent is the cluster but there is no failover // group. This must be a copy of the member interface. - rule->setInterfaceId(iface->getId()); + RuleElementItfOutb *itf_re = rule->getItfOutb(); + assert(itf_re!=NULL); + if ( ! itf_re->hasRef(iface)) itf_re->addRef(iface); + //rule->setInterfaceId(iface->getId()); tmp_queue.push_back(rule); return true; } @@ -2181,7 +2235,10 @@ bool NATCompiler_ipt::AssignInterface::processNext() { if (iface->isChildOf(compiler->fw)) { - rule->setInterfaceId(iface->getId()); + RuleElementItfOutb *itf_re = rule->getItfOutb(); + assert(itf_re!=NULL); + if ( ! itf_re->hasRef(iface)) itf_re->addRef(iface); + //rule->setInterfaceId(iface->getId()); tmp_queue.push_back(rule); return true; } @@ -2202,12 +2259,18 @@ bool NATCompiler_ipt::AssignInterface::processNext() * but I do it anyway. */ int n = 0; - foreach(QString intf_name, regular_interfaces) + QMap::iterator it; + for (it=ipt_comp->regular_interfaces.begin(); + it!=ipt_comp->regular_interfaces.end(); ++it) { + FWObject *itf_group = it.value(); NATRule *r = compiler->dbcopy->createNATRule(); r->duplicate(rule); compiler->temp_ruleset->add(r); - r->setInterfaceStr(intf_name.toStdString()); + RuleElementItfOutb *itf_re = r->getItfOutb(); + assert(itf_re!=NULL); + if ( ! itf_re->hasRef(itf_group)) itf_re->addRef(itf_group); + //r->setInterfaceStr(intf_name.toStdString()); tmp_queue.push_back(r); n++; } @@ -2403,6 +2466,18 @@ void NATCompiler_ipt::compile() add( new singleRuleFilter()); + add(new expandGroupsInItfInb("expand groups in inbound Interface")); + add(new replaceClusterInterfaceInItfInb( + "replace cluster interfaces with member interfaces in " + "the inbound Interface rule element")); + add(new ItfInbNegation("process negation in inbound Itf")); + + add(new expandGroupsInItfOutb("expand groups in outbound Interface")); + add(new replaceClusterInterfaceInItfOutb( + "replace cluster interfaces with member interfaces in " + "the outbound Interface rule element")); + add(new ItfOutbNegation("process negation in outbound Itf")); + add( new recursiveGroupsInOSrc("check for recursive groups in OSRC")); add( new recursiveGroupsInODst("check for recursive groups in ODST")); add( new recursiveGroupsInOSrv("check for recursive groups in OSRV")); @@ -2547,7 +2622,10 @@ void NATCompiler_ipt::compile() add( new dynamicInterfaceInODst("split if dynamic interface in ODst") ); add( new dynamicInterfaceInTSrc( "set target if dynamic interface in TSrc" ) ); - add( new convertInterfaceIdToStr("prepare interface assignments") ); + //add( new convertInterfaceIdToStr("prepare interface assignments") ); + + add( new ConvertToAtomicForItfInb("convert to atomic for inbound interface") ); + add( new ConvertToAtomicForItfOutb("convert to atomic for outbound interface")); add( new checkForObjectsWithErrors( "check if we have objects with errors in rule elements")); diff --git a/src/iptlib/NATCompiler_ipt.h b/src/iptlib/NATCompiler_ipt.h index 7d5c81f4f..f6b075f3a 100644 --- a/src/iptlib/NATCompiler_ipt.h +++ b/src/iptlib/NATCompiler_ipt.h @@ -34,10 +34,13 @@ #include #include +#include #include #include -namespace libfwbuilder { + +namespace libfwbuilder +{ class Host; class IPService; class ICMPService; @@ -51,10 +54,11 @@ namespace libfwbuilder { class RuleElementTSrv; }; -namespace fwcompiler { - - class NATCompiler_ipt : public NATCompiler { +namespace fwcompiler +{ + class NATCompiler_ipt : public NATCompiler + { protected: class PrintRule; @@ -73,6 +77,9 @@ namespace fwcompiler { // This map is located in CompilerDriver_ipt const std::map > *branch_ruleset_to_chain_mapping; + QMap regular_interfaces; + + static const std::list& getStandardChains(); std::string getInterfaceVarName(libfwbuilder::FWObject *iface, bool v6=false); @@ -241,7 +248,6 @@ namespace fwcompiler { friend class AssignInterface; class AssignInterface : public NATRuleProcessor { - QSet regular_interfaces; public: AssignInterface(const std::string &name) : NATRuleProcessor(name) {} virtual bool processNext(); @@ -496,6 +502,8 @@ namespace fwcompiler { std::string version; void initializeMinusNTracker(); + QString getInterfaceName(libfwbuilder::RuleElement *itf_re); + /* * Prints single --option with argument and negation "!" * taking into account the change that happened in iptables 1.4.3.1 diff --git a/test/ipt/cluster1_secuwall-1.fw.orig b/test/ipt/cluster1_secuwall-1.fw.orig index f0bf61d12..af13435b7 100755 --- a/test/ipt/cluster1_secuwall-1.fw.orig +++ b/test/ipt/cluster1_secuwall-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:57 2011 PST by vadim +# Generated Thu Feb 17 17:38:17 2011 PST by vadim # # files: * cluster1_secuwall-1.fw /etc/cluster1_secuwall-1.fw # @@ -321,7 +321,7 @@ script_body() { # echo "Rule 1 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j REDIRECT --to-ports 3128 @@ -588,7 +588,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:57 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:17 2011 by vadim" log "Database was cluster-tests.fwb" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall-base-rulesets.fw.orig b/test/ipt/firewall-base-rulesets.fw.orig index 0899bd97b..7a8619a21 100755 --- a/test/ipt/firewall-base-rulesets.fw.orig +++ b/test/ipt/firewall-base-rulesets.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:21 2011 PST by vadim +# Generated Thu Feb 17 17:36:36 2011 PST by vadim # # files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw # @@ -445,7 +445,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:21 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:36 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-1.fw.orig b/test/ipt/firewall-ipv6-1.fw.orig index 625d5d30f..bbb0fa55e 100755 --- a/test/ipt/firewall-ipv6-1.fw.orig +++ b/test/ipt/firewall-ipv6-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:44 2011 PST by vadim +# Generated Thu Feb 17 17:36:58 2011 PST by vadim # # files: * firewall-ipv6-1.fw /etc/firewall-ipv6-1.fw # @@ -687,7 +687,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:44 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:58 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-2.fw.orig b/test/ipt/firewall-ipv6-2.fw.orig index eaccfbb14..b6e1c3e98 100755 --- a/test/ipt/firewall-ipv6-2.fw.orig +++ b/test/ipt/firewall-ipv6-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:46 2011 PST by vadim +# Generated Thu Feb 17 17:37:01 2011 PST by vadim # # files: * firewall-ipv6-2.fw /etc/firewall-ipv6-2.fw # @@ -930,7 +930,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:46 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:01 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-3.fw.orig b/test/ipt/firewall-ipv6-3.fw.orig index 8eecda64c..4f6961467 100755 --- a/test/ipt/firewall-ipv6-3.fw.orig +++ b/test/ipt/firewall-ipv6-3.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:09 2011 PST by vadim +# Generated Thu Feb 17 17:37:24 2011 PST by vadim # # files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw # @@ -592,7 +592,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:09 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:24 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-4-1.fw.orig b/test/ipt/firewall-ipv6-4-1.fw.orig index ac4133dbc..fc1d2c46f 100755 --- a/test/ipt/firewall-ipv6-4-1.fw.orig +++ b/test/ipt/firewall-ipv6-4-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:34 2011 PST by vadim +# Generated Thu Feb 17 17:37:50 2011 PST by vadim # # files: * firewall-ipv6-4-1.fw /etc/firewall-ipv6-4-1.fw # @@ -539,7 +539,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:34 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:50 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-4.fw.orig b/test/ipt/firewall-ipv6-4.fw.orig index 134b3f8db..53318785e 100755 --- a/test/ipt/firewall-ipv6-4.fw.orig +++ b/test/ipt/firewall-ipv6-4.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:12 2011 PST by vadim +# Generated Thu Feb 17 17:37:27 2011 PST by vadim # # files: * firewall-ipv6-4.fw /etc/firewall-ipv6-4.fw # @@ -577,7 +577,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:12 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:27 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-5.fw.orig b/test/ipt/firewall-ipv6-5.fw.orig index af3c94740..53c47fe77 100755 --- a/test/ipt/firewall-ipv6-5.fw.orig +++ b/test/ipt/firewall-ipv6-5.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:15 2011 PST by vadim +# Generated Thu Feb 17 17:37:30 2011 PST by vadim # # files: * firewall-ipv6-5.fw /etc/firewall-ipv6-5.fw # @@ -412,7 +412,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:15 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:30 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-6.fw.orig b/test/ipt/firewall-ipv6-6.fw.orig index 4860b38cb..0eaf84f8d 100755 --- a/test/ipt/firewall-ipv6-6.fw.orig +++ b/test/ipt/firewall-ipv6-6.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:18 2011 PST by vadim +# Generated Thu Feb 17 17:37:34 2011 PST by vadim # # files: * firewall-ipv6-6.fw /etc/firewall-ipv6-6.fw # @@ -399,7 +399,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:18 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:34 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-7.fw.orig b/test/ipt/firewall-ipv6-7.fw.orig index a45f2ebd3..a51ce2cd5 100755 --- a/test/ipt/firewall-ipv6-7.fw.orig +++ b/test/ipt/firewall-ipv6-7.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:22 2011 PST by vadim +# Generated Thu Feb 17 17:37:38 2011 PST by vadim # # files: * firewall-ipv6-7.fw /etc/firewall-ipv6-7.fw # @@ -443,7 +443,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:22 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:38 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-8.fw.orig b/test/ipt/firewall-ipv6-8.fw.orig index 8b6e31e0f..bb6478168 100755 --- a/test/ipt/firewall-ipv6-8.fw.orig +++ b/test/ipt/firewall-ipv6-8.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:26 2011 PST by vadim +# Generated Thu Feb 17 17:37:42 2011 PST by vadim # # files: * firewall-ipv6-8.fw /etc/firewall-ipv6-8.fw # @@ -484,7 +484,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:26 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:42 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig b/test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig index c19f6bfc1..2918eef49 100755 --- a/test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig +++ b/test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:29 2011 PST by vadim +# Generated Thu Feb 17 17:37:46 2011 PST by vadim # # files: * firewall-ipv6-ipt-reset-prolog-after-flush.fw /etc/firewall-ipv6-ipt-reset-prolog-after-flush.fw # @@ -450,7 +450,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:29 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:46 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig b/test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig index 3d590e790..f04662452 100755 --- a/test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig +++ b/test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:33 2011 PST by vadim +# Generated Thu Feb 17 17:37:50 2011 PST by vadim # # files: * firewall-ipv6-ipt-reset-prolog-after-interfaces.fw /etc/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw # @@ -450,7 +450,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:33 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:50 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig b/test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig index 871bfd312..998ac54fd 100755 --- a/test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig +++ b/test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:36 2011 PST by vadim +# Generated Thu Feb 17 17:37:54 2011 PST by vadim # # files: * firewall-ipv6-ipt-reset-prolog-top.fw /etc/firewall-ipv6-ipt-reset-prolog-top.fw # @@ -450,7 +450,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:36 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:54 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-prolog-after-flush.fw.orig b/test/ipt/firewall-ipv6-prolog-after-flush.fw.orig index 5d3d524a7..41fe8f722 100755 --- a/test/ipt/firewall-ipv6-prolog-after-flush.fw.orig +++ b/test/ipt/firewall-ipv6-prolog-after-flush.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:38 2011 PST by vadim +# Generated Thu Feb 17 17:37:54 2011 PST by vadim # # files: * firewall-ipv6-prolog-after-flush.fw /etc/firewall-ipv6-prolog-after-flush.fw # @@ -420,7 +420,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:38 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:54 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig b/test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig index ba98d22b5..3d46d9526 100755 --- a/test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig +++ b/test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:40 2011 PST by vadim +# Generated Thu Feb 17 17:37:59 2011 PST by vadim # # files: * firewall-ipv6-prolog-after-interfaces.fw /etc/firewall-ipv6-prolog-after-interfaces.fw # @@ -420,7 +420,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:40 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:59 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-prolog-top.fw.orig b/test/ipt/firewall-ipv6-prolog-top.fw.orig index 198dfdeae..82b6d3bc1 100755 --- a/test/ipt/firewall-ipv6-prolog-top.fw.orig +++ b/test/ipt/firewall-ipv6-prolog-top.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:42 2011 PST by vadim +# Generated Thu Feb 17 17:37:59 2011 PST by vadim # # files: * firewall-ipv6-prolog-top.fw /etc/firewall-ipv6-prolog-top.fw # @@ -420,7 +420,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:42 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:37:59 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-server-1-s.fw.orig b/test/ipt/firewall-server-1-s.fw.orig index d54fa4ec7..75f89010e 100755 --- a/test/ipt/firewall-server-1-s.fw.orig +++ b/test/ipt/firewall-server-1-s.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:43 2011 PST by vadim +# Generated Thu Feb 17 17:38:02 2011 PST by vadim # # files: * firewall-server-1-s.fw /etc/fw/firewall-server-1-s.fw # @@ -393,7 +393,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:43 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:02 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall.fw.orig b/test/ipt/firewall.fw.orig index f86678a37..431f92d53 100755 --- a/test/ipt/firewall.fw.orig +++ b/test/ipt/firewall.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:42 2011 PST by vadim +# Generated Thu Feb 17 17:33:43 2011 PST by vadim # # files: * firewall.fw /etc/fw/firewall.fw # @@ -357,7 +357,7 @@ script_body() { # echo "Rule 1 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 222.222.222.0/24 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 222.222.222.0/24 # # Rule 2 (NAT) # @@ -382,7 +382,7 @@ script_body() { # echo "Rule 4 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 -d 192.168.1.20 --dport 80 -j DNAT --to-destination :3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 -d 192.168.1.20 --dport 80 -j DNAT --to-destination :3128 $IPTABLES -t nat -A POSTROUTING -o eth+ -p tcp -m tcp -s 192.168.1.0/24 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 5 (NAT) @@ -396,29 +396,29 @@ script_body() { # echo "Rule 6 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 25 -j DNAT --to-destination 192.168.1.10:25 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 25 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 25 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 25 -j DNAT --to-destination 192.168.1.10:25 # # Rule 7 (NAT) # echo "Rule 7 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 192.168.1.1 --icmp-type 8/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 222.222.222.222 --icmp-type 8/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 192.168.1.1 --icmp-type 8/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 222.222.222.222 --icmp-type 8/0 -j DNAT --to-destination 192.168.1.10 # # Rule 8 (NAT) # echo "Rule 8 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 192.168.1.1 --icmp-type 8/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 222.222.222.222 --icmp-type 8/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 192.168.1.1 --icmp-type 8/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 222.222.222.222 --icmp-type 8/0 -j DNAT --to-destination 192.168.1.10 # # Rule 9 (NAT) # echo "Rule 9 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 1000:1010 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 1000:1010 -d 222.222.222.222 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 1000:1010 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 1000:1010 -d 222.222.222.222 -j DNAT --to-destination 192.168.1.10 # # Rule 10 (NAT) # @@ -437,15 +437,15 @@ script_body() { # echo "Rule 12 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m mac --mac-source 00:10:4b:de:e9:70 -d 222.222.222.40 --dport 25 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m mac --mac-source 00:10:4b:de:e9:70 -d 222.222.222.41 --dport 25 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m mac --mac-source 00:10:4b:de:e9:70 -d 222.222.222.40 --dport 25 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m mac --mac-source 00:10:4b:de:e9:70 -d 222.222.222.41 --dport 25 -j DNAT --to-destination 192.168.1.10 # # Rule 13 (NAT) # echo "Rule 13 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m mac --mac-source aa:bb:cc:dd:ee:ff -s 192.168.1.15 -d 222.222.222.40 --dport 25 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m mac --mac-source aa:bb:cc:dd:ee:ff -s 192.168.1.15 -d 222.222.222.41 --dport 25 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m mac --mac-source aa:bb:cc:dd:ee:ff -s 192.168.1.15 -d 222.222.222.40 --dport 25 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m mac --mac-source aa:bb:cc:dd:ee:ff -s 192.168.1.15 -d 222.222.222.41 --dport 25 -j DNAT --to-destination 192.168.1.10 # # Rule 14 (NAT) # @@ -453,30 +453,30 @@ script_body() { # $IPTABLES -t nat -N Cid445F52DE31658.0 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.10 --dport 80 -j Cid445F52DE31658.0 - $IPTABLES -t nat -A Cid445F52DE31658.0 -d 61.150.47.112 -j RETURN - $IPTABLES -t nat -A Cid445F52DE31658.0 -d 223.223.223.223 -j RETURN - $IPTABLES -t nat -A Cid445F52DE31658.0 -p tcp -m tcp --dport 80 -j SNAT --to-source 222.222.222.222 + $IPTABLES -t nat -A Cid445F52DE31658.0 -d 61.150.47.112 -j RETURN + $IPTABLES -t nat -A Cid445F52DE31658.0 -d 223.223.223.223 -j RETURN + $IPTABLES -t nat -A Cid445F52DE31658.0 -p tcp -m tcp --dport 80 -j SNAT --to-source 222.222.222.222 # # Rule 15 (NAT) # echo "Rule 15 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 1024:65535 -d 192.168.1.1 --dport 80 -j DNAT --to-destination 192.168.1.10:80 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 1024:65535 -d 222.222.222.222 --dport 80 -j DNAT --to-destination 192.168.1.10:80 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 1024:65535 -d 192.168.1.1 --dport 80 -j DNAT --to-destination 192.168.1.10:80 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 1024:65535 -d 222.222.222.222 --dport 80 -j DNAT --to-destination 192.168.1.10:80 # # Rule 16 (NAT) # echo "Rule 16 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 53 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 53 -d 222.222.222.222 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 53 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 53 -d 222.222.222.222 -j DNAT --to-destination 192.168.1.10 # # Rule 17 (NAT) # echo "Rule 17 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 4000:4010 -j DNAT --to-destination 192.168.1.10:4000-4010 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 4000:4010 -j DNAT --to-destination 192.168.1.10:4000-4010 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 4000:4010 -j DNAT --to-destination 192.168.1.10:4000-4010 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 4000:4010 -j DNAT --to-destination 192.168.1.10:4000-4010 # # Rule 18 (NAT) # @@ -488,13 +488,13 @@ script_body() { # echo "Rule 19 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.10 --dport 3128 -j DNAT --to-destination :80 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.10 --dport 3128 -j DNAT --to-destination :80 # # Rule 20 (NAT) # echo "Rule 20 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 3128 -j DNAT --to-destination :80 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 3128 -j DNAT --to-destination :80 # # Rule 21 (NAT) # @@ -504,10 +504,10 @@ script_body() { # and account for # no more than 15 ports # per rule - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 514,4321,465,1080,111,7100 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 514,4321,465,1080,111,7100 -j DNAT --to-destination 192.168.1.10 # # Rule 22 (NAT) # @@ -518,12 +518,12 @@ script_body() { # no more than 15 ports # per rule $IPTABLES -t nat -N Cid3EF4288E.0 - $IPTABLES -t nat -A PREROUTING -d 222.222.222.222 -j Cid3EF4288E.0 - $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp --dport 10000:11000 -j RETURN - $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j RETURN - $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513 -j RETURN - $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 514,4321,465,1080,111,7100 -j RETURN - $IPTABLES -t nat -A Cid3EF4288E.0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -d 222.222.222.222 -j Cid3EF4288E.0 + $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp --dport 10000:11000 -j RETURN + $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j RETURN + $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513 -j RETURN + $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 514,4321,465,1080,111,7100 -j RETURN + $IPTABLES -t nat -A Cid3EF4288E.0 -j DNAT --to-destination 192.168.1.10 @@ -1341,7 +1341,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:42 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:43 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall1.fw.orig b/test/ipt/firewall1.fw.orig index e228b5139..5f31a5848 100755 --- a/test/ipt/firewall1.fw.orig +++ b/test/ipt/firewall1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:44 2011 PST by vadim +# Generated Thu Feb 17 17:33:45 2011 PST by vadim # # files: * firewall1.fw /etc/fw/firewall1.fw # @@ -306,8 +306,8 @@ script_body() { # echo "Rule 0 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -d 192.168.2.0/24 -j ACCEPT - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d 192.168.2.0/24 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -d 192.168.2.0/24 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d 192.168.2.0/24 -j ACCEPT # # Rule 1 (NAT) # @@ -364,11 +364,11 @@ script_body() { $IPTABLES -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -j Cid3CCA1B57.0 $IPTABLES -t nat -A POSTROUTING -o eth3 -s 192.168.1.0/24 -j Cid3CCA1B57.0 $IPTABLES -t nat -A POSTROUTING -o eth2 -s 192.168.1.0/24 -j Cid3CCA1B57.0 - $IPTABLES -t nat -A Cid3CCA1B57.0 -d 192.168.1.0/24 -j RETURN - $IPTABLES -t nat -A Cid3CCA1B57.0 -d 192.168.2.0/24 -j RETURN - $IPTABLES -t nat -A Cid3CCA1B57.0 -j SNAT --to-source 22.22.22.22 - $IPTABLES -t nat -A Cid3CCA1B57.0 -j SNAT --to-source 22.22.23.23 - $IPTABLES -t nat -A Cid3CCA1B57.0 -j SNAT --to-source 192.168.2.1 + $IPTABLES -t nat -A Cid3CCA1B57.0 -d 192.168.1.0/24 -j RETURN + $IPTABLES -t nat -A Cid3CCA1B57.0 -d 192.168.2.0/24 -j RETURN + $IPTABLES -t nat -A Cid3CCA1B57.0 -j SNAT --to-source 22.22.22.22 + $IPTABLES -t nat -A Cid3CCA1B57.0 -j SNAT --to-source 22.22.23.23 + $IPTABLES -t nat -A Cid3CCA1B57.0 -j SNAT --to-source 192.168.2.1 # # Rule 9 (NAT) # @@ -378,11 +378,11 @@ script_body() { $IPTABLES -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -j Cid3EB38983.0 $IPTABLES -t nat -A POSTROUTING -o eth3 -s 192.168.1.0/24 -j Cid3EB38983.0 $IPTABLES -t nat -A POSTROUTING -o eth2 -s 192.168.1.0/24 -j Cid3EB38983.0 - $IPTABLES -t nat -A Cid3EB38983.0 -d 192.168.1.0/24 -j RETURN - $IPTABLES -t nat -A Cid3EB38983.0 -d 192.168.2.0/24 -j RETURN - $IPTABLES -t nat -A Cid3EB38983.0 -j SNAT --to-source 22.22.22.22 - $IPTABLES -t nat -A Cid3EB38983.0 -j SNAT --to-source 22.22.23.23 - $IPTABLES -t nat -A Cid3EB38983.0 -j SNAT --to-source 192.168.2.1 + $IPTABLES -t nat -A Cid3EB38983.0 -d 192.168.1.0/24 -j RETURN + $IPTABLES -t nat -A Cid3EB38983.0 -d 192.168.2.0/24 -j RETURN + $IPTABLES -t nat -A Cid3EB38983.0 -j SNAT --to-source 22.22.22.22 + $IPTABLES -t nat -A Cid3EB38983.0 -j SNAT --to-source 22.22.23.23 + $IPTABLES -t nat -A Cid3EB38983.0 -j SNAT --to-source 192.168.2.1 # # Rule 10 (NAT) # @@ -397,75 +397,75 @@ script_body() { echo "Rule 11 (NAT)" # $IPTABLES -t nat -N Cid3BD8D94B.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j Cid3BD8D94B.0 - $IPTABLES -t nat -A Cid3BD8D94B.0 -d 22.22.22.22 -j RETURN - $IPTABLES -t nat -A Cid3BD8D94B.0 -d 22.22.23.23 -j RETURN - $IPTABLES -t nat -A Cid3BD8D94B.0 -d 192.168.1.1 -j RETURN - $IPTABLES -t nat -A Cid3BD8D94B.0 -d 192.168.2.1 -j RETURN - $IPTABLES -t nat -A Cid3BD8D94B.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j Cid3BD8D94B.0 + $IPTABLES -t nat -A Cid3BD8D94B.0 -d 22.22.22.22 -j RETURN + $IPTABLES -t nat -A Cid3BD8D94B.0 -d 22.22.23.23 -j RETURN + $IPTABLES -t nat -A Cid3BD8D94B.0 -d 192.168.1.1 -j RETURN + $IPTABLES -t nat -A Cid3BD8D94B.0 -d 192.168.2.1 -j RETURN + $IPTABLES -t nat -A Cid3BD8D94B.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 # # Rule 12 (NAT) # echo "Rule 12 (NAT)" # $IPTABLES -t nat -N Cid3BD8D9DD.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j Cid3BD8D9DD.0 - $IPTABLES -t nat -A Cid3BD8D9DD.0 -d 192.168.1.1 -j RETURN - $IPTABLES -t nat -A Cid3BD8D9DD.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j Cid3BD8D9DD.0 + $IPTABLES -t nat -A Cid3BD8D9DD.0 -d 192.168.1.1 -j RETURN + $IPTABLES -t nat -A Cid3BD8D9DD.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 # # Rule 13 (NAT) # echo "Rule 13 (NAT)" # $IPTABLES -t nat -N Cid3BBC0EA4.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.10 --dport 80 -j Cid3BBC0EA4.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.20 --dport 80 -j Cid3BBC0EA4.0 - $IPTABLES -t nat -A Cid3BBC0EA4.0 -d 192.168.1.0/24 -j RETURN - $IPTABLES -t nat -A Cid3BBC0EA4.0 -d 192.168.2.0/24 -j RETURN - $IPTABLES -t nat -A Cid3BBC0EA4.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.10 --dport 80 -j Cid3BBC0EA4.0 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.20 --dport 80 -j Cid3BBC0EA4.0 + $IPTABLES -t nat -A Cid3BBC0EA4.0 -d 192.168.1.0/24 -j RETURN + $IPTABLES -t nat -A Cid3BBC0EA4.0 -d 192.168.2.0/24 -j RETURN + $IPTABLES -t nat -A Cid3BBC0EA4.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 # # Rule 14 (NAT) # echo "Rule 14 (NAT)" # $IPTABLES -t nat -N Cid3BBC0F93.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.0/24 --dport 80 -j Cid3BBC0F93.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.0/24 --dport 80 -j Cid3BBC0F93.0 - $IPTABLES -t nat -A Cid3BBC0F93.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid3BBC0F93.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid3BBC0F93.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.0/24 --dport 80 -j Cid3BBC0F93.0 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.0/24 --dport 80 -j Cid3BBC0F93.0 + $IPTABLES -t nat -A Cid3BBC0F93.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid3BBC0F93.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid3BBC0F93.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 # # Rule 15 (NAT) # echo "Rule 15 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j REDIRECT --to-ports 3128 # # Rule 16 (NAT) # echo "Rule 16 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 5000 -d 22.22.22.23 --dport 5000:5010 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 4000:4010 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 9000 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 6667,3128 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 5000 -d 22.22.22.23 --dport 5000:5010 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 4000:4010 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 9000 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 6667,3128 -j DNAT --to-destination 192.168.1.10 # # Rule 17 (NAT) # echo "Rule 17 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.0/24 --dport 80 -j DNAT --to-destination :3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.0/24 --dport 80 -j DNAT --to-destination :3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.0/24 --dport 80 -j DNAT --to-destination :3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.0/24 --dport 80 -j DNAT --to-destination :3128 # # Rule 18 (NAT) # echo "Rule 18 (NAT)" # $IPTABLES -t nat -N Cid3EB38A91.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid3EB38A91.0 - $IPTABLES -t nat -A Cid3EB38A91.0 -d 192.168.1.0/24 -j RETURN - $IPTABLES -t nat -A Cid3EB38A91.0 -d 192.168.2.0/24 -j RETURN - $IPTABLES -t nat -A Cid3EB38A91.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination :3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid3EB38A91.0 + $IPTABLES -t nat -A Cid3EB38A91.0 -d 192.168.1.0/24 -j RETURN + $IPTABLES -t nat -A Cid3EB38A91.0 -d 192.168.2.0/24 -j RETURN + $IPTABLES -t nat -A Cid3EB38A91.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination :3128 @@ -1252,7 +1252,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:44 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:45 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall10.fw.orig b/test/ipt/firewall10.fw.orig index 9a61aa9ef..ebe90d7bd 100755 --- a/test/ipt/firewall10.fw.orig +++ b/test/ipt/firewall10.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:45 2011 PST by vadim +# Generated Thu Feb 17 17:33:46 2011 PST by vadim # # files: * firewall10.fw /etc/fw/firewall10.fw # @@ -473,7 +473,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:45 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:46 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall11.fw.orig b/test/ipt/firewall11.fw.orig index c67fb19c0..23799358c 100755 --- a/test/ipt/firewall11.fw.orig +++ b/test/ipt/firewall11.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:47 2011 PST by vadim +# Generated Thu Feb 17 17:33:48 2011 PST by vadim # # files: * firewall11.fw /etc/fw/firewall11.fw # @@ -327,7 +327,7 @@ script_body() { # see SF bug 3057503 for i_br0 in $i_br0_list do - test -n "$i_br0" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination $i_br0:3128 + test -n "$i_br0" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination $i_br0:3128 done @@ -589,7 +589,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:47 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:48 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall12.fw.orig b/test/ipt/firewall12.fw.orig index 89a15bf29..6fc7e2f04 100755 --- a/test/ipt/firewall12.fw.orig +++ b/test/ipt/firewall12.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:48 2011 PST by vadim +# Generated Thu Feb 17 17:33:49 2011 PST by vadim # # files: * firewall12.fw /etc/fw/firewall12.fw # @@ -322,46 +322,46 @@ script_body() { # echo "Rule 0 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination :8080 # # Rule 1 (NAT) # echo "Rule 1 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination :8080 # # Rule 2 (NAT) # echo "Rule 2 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination :8080 # # Rule 3 (NAT) # echo "Rule 3 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 8080 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j REDIRECT --to-ports 8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j REDIRECT --to-ports 8080 # # Rule 4 (NAT) # echo "Rule 4 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 8080 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j REDIRECT --to-ports 8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j REDIRECT --to-ports 8080 # # Rule 5 (NAT) # echo "Rule 5 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 22.22.22.22:8080 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination 22.22.22.22:8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 22.22.22.22:8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination 22.22.22.22:8080 # # Rule 6 (NAT) # echo "Rule 6 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 # # Rule 7 (NAT) # @@ -381,21 +381,21 @@ script_body() { echo "Rule 9 (NAT)" # # port-only translation - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 # # Rule 10 (NAT) # echo "Rule 10 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 # # Rule 11 (NAT) # echo "Rule 11 (NAT)" # # SDNAT - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.0.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.0.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A POSTROUTING -o eth+ -p tcp -m tcp -d 192.168.1.10 --dport 22 -j SNAT --to-source 192.0.2.1 $IPTABLES -t nat -A POSTROUTING -o eth+ -p tcp -m tcp -d 192.168.1.10 --dport 22 -j SNAT --to-source 192.168.1.1 # @@ -404,8 +404,8 @@ script_body() { echo "Rule 12 (NAT)" # # SDNAT with source port - $IPTABLES -t nat -A PREROUTING -p udp -m udp --sport 123 -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p udp -m udp --sport 123 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p udp -m udp --sport 123 -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p udp -m udp --sport 123 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A POSTROUTING -o eth+ -p udp -m udp --sport 123 -d 192.168.1.10 -j SNAT --to-source 192.0.2.1:5050 $IPTABLES -t nat -A POSTROUTING -o eth+ -p udp -m udp --sport 123 -d 192.168.1.10 -j SNAT --to-source 192.168.1.1:5050 # @@ -414,7 +414,7 @@ script_body() { echo "Rule 13 (NAT)" # # SDNAT with dest port - $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --dport 53 -j DNAT --to-destination 192.168.1.10:1053 + $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --dport 53 -j DNAT --to-destination 192.168.1.10:1053 $IPTABLES -t nat -A POSTROUTING -o eth+ -p udp -m udp -s 192.168.1.0/24 -d 192.168.1.10 --dport 1053 -j SNAT --to-source 192.0.2.1 $IPTABLES -t nat -A POSTROUTING -o eth+ -p udp -m udp -s 192.168.1.0/24 -d 192.168.1.10 --dport 1053 -j SNAT --to-source 192.168.1.1 # @@ -425,7 +425,7 @@ script_body() { # SDNAT # translate src and dst addresses # and src and dst ports - $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --sport 1024:65535 --dport 53 -j DNAT --to-destination 192.168.1.10:1053 + $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --sport 1024:65535 --dport 53 -j DNAT --to-destination 192.168.1.10:1053 $IPTABLES -t nat -A POSTROUTING -o eth+ -p udp -m udp -s 192.168.1.0/24 -d 192.168.1.10 --dport 1053 -j SNAT --to-source 192.0.2.1:32767-65535 $IPTABLES -t nat -A POSTROUTING -o eth+ -p udp -m udp -s 192.168.1.0/24 -d 192.168.1.10 --dport 1053 -j SNAT --to-source 192.168.1.1:32767-65535 # @@ -511,7 +511,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:48 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:49 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall13.fw.orig b/test/ipt/firewall13.fw.orig index bbcdbc5d2..fd5fff113 100755 --- a/test/ipt/firewall13.fw.orig +++ b/test/ipt/firewall13.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:49 2011 PST by vadim +# Generated Thu Feb 17 17:33:51 2011 PST by vadim # # files: * firewall13.fw /etc/fw/firewall13.fw # @@ -385,7 +385,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:49 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:51 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall14.fw.orig b/test/ipt/firewall14.fw.orig index 7fb663eb6..70d809f07 100755 --- a/test/ipt/firewall14.fw.orig +++ b/test/ipt/firewall14.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:51 2011 PST by vadim +# Generated Thu Feb 17 17:33:52 2011 PST by vadim # # files: * firewall14.fw /etc/fw/firewall14.fw # @@ -404,7 +404,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:51 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:52 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall15.fw.orig b/test/ipt/firewall15.fw.orig index 768e2fac7..6c5448fc0 100755 --- a/test/ipt/firewall15.fw.orig +++ b/test/ipt/firewall15.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:52 2011 PST by vadim +# Generated Thu Feb 17 17:33:54 2011 PST by vadim # # files: * firewall15.fw /etc/fw/firewall15.fw # @@ -388,7 +388,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:52 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:54 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall16.fw.orig b/test/ipt/firewall16.fw.orig index 38d3dfd05..03337e80d 100755 --- a/test/ipt/firewall16.fw.orig +++ b/test/ipt/firewall16.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:53 2011 PST by vadim +# Generated Thu Feb 17 17:33:56 2011 PST by vadim # # files: * firewall16.fw /etc/fw/firewall16.fw # @@ -314,12 +314,12 @@ script_body() { # should generate code in both PREROUTING # and OUTPUT chain because option "local NAT" # is enabled - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination 192.168.2.10:80 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.22 --dport 80 -j DNAT --to-destination 192.168.2.10:80 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j DNAT --to-destination 192.168.2.10:80 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination 192.168.2.10:80 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.22 --dport 80 -j DNAT --to-destination 192.168.2.10:80 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 80 -j DNAT --to-destination 192.168.2.10:80 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination 192.168.2.10:80 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.22 --dport 80 -j DNAT --to-destination 192.168.2.10:80 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j DNAT --to-destination 192.168.2.10:80 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.22 --dport 80 -j DNAT --to-destination 192.168.2.10:80 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.22 --dport 80 -j DNAT --to-destination 192.168.2.10:80 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 80 -j DNAT --to-destination 192.168.2.10:80 # # Rule 1 (NAT) # @@ -332,26 +332,26 @@ script_body() { # echo "Rule 2 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 # # Rule 3 (NAT) # echo "Rule 3 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 # # Rule 4 (NAT) # echo "Rule 4 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -s 192.168.2.1 --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -s 192.168.2.1 --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 # # Rule 5 (NAT) # echo "Rule 5 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -s 192.168.2.1 --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -s 192.168.2.1 --dport 8080 -j DNAT --to-destination 192.168.1.10:3128 # # Rule 6 (NAT) # @@ -386,35 +386,35 @@ script_body() { # echo "Rule 10 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -j ACCEPT # # Rule 11 (NAT) # echo "Rule 11 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT # # Rule 12 (NAT) # echo "Rule 12 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -s 192.168.2.1 -j ACCEPT # # Rule 13 (NAT) # echo "Rule 13 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -s 192.168.2.1 -j ACCEPT @@ -492,7 +492,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:53 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:56 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall17.fw.orig b/test/ipt/firewall17.fw.orig index 20d127324..542cf1099 100755 --- a/test/ipt/firewall17.fw.orig +++ b/test/ipt/firewall17.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:55 2011 PST by vadim +# Generated Thu Feb 17 17:33:57 2011 PST by vadim # # files: * firewall17.fw /etc/fw/firewall17.fw # @@ -471,7 +471,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:55 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:57 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall18.fw.orig b/test/ipt/firewall18.fw.orig index 9e152a635..f1c187b29 100755 --- a/test/ipt/firewall18.fw.orig +++ b/test/ipt/firewall18.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:56 2011 PST by vadim +# Generated Thu Feb 17 17:33:59 2011 PST by vadim # # files: * firewall18.fw /etc/fw/firewall18.fw # @@ -504,7 +504,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:56 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:33:59 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall19.fw.orig b/test/ipt/firewall19.fw.orig index 74f1cc63c..54e347211 100755 --- a/test/ipt/firewall19.fw.orig +++ b/test/ipt/firewall19.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:24:58 2011 PST by vadim +# Generated Thu Feb 17 17:34:01 2011 PST by vadim # # files: * firewall19.fw /etc/fw/firewall19.fw # @@ -509,7 +509,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:24:58 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:01 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall2-1.fw.orig b/test/ipt/firewall2-1.fw.orig index 46019d4e9..c3f1034c0 100755 --- a/test/ipt/firewall2-1.fw.orig +++ b/test/ipt/firewall2-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:07 2011 PST by vadim +# Generated Thu Feb 17 17:34:10 2011 PST by vadim # # files: * firewall2-1.fw /etc/fw/firewall2-1.fw # @@ -460,100 +460,100 @@ script_body() { echo "Rule 9 (NAT)" # $IPTABLES -t nat -N Cid31547X1798.0 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid31547X1798.0 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid31547X1798.0 - $IPTABLES -t nat -A Cid31547X1798.0 -s 22.22.22.22 -j ACCEPT - $IPTABLES -t nat -A Cid31547X1798.0 -s 22.22.23.23 -j ACCEPT - $IPTABLES -t nat -A Cid31547X1798.0 -s 22.22.25.50 -j ACCEPT - $IPTABLES -t nat -A Cid31547X1798.0 -s 192.168.1.1 -j ACCEPT - $IPTABLES -t nat -A Cid31547X1798.0 -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A Cid31547X1798.0 -s 192.168.2.40 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -d 192.168.2.10 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -d 192.168.2.11 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid31547X1798.0 + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid31547X1798.0 + $IPTABLES -t nat -A Cid31547X1798.0 -s 22.22.22.22 -j ACCEPT + $IPTABLES -t nat -A Cid31547X1798.0 -s 22.22.23.23 -j ACCEPT + $IPTABLES -t nat -A Cid31547X1798.0 -s 22.22.25.50 -j ACCEPT + $IPTABLES -t nat -A Cid31547X1798.0 -s 192.168.1.1 -j ACCEPT + $IPTABLES -t nat -A Cid31547X1798.0 -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A Cid31547X1798.0 -s 192.168.2.40 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -d 192.168.2.10 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -d 192.168.2.11 -j ACCEPT $IPTABLES -t nat -N Cid31547X1798.1 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid31547X1798.1 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid31547X1798.1 - $IPTABLES -t nat -A Cid31547X1798.1 -s 192.168.1.10 -j ACCEPT - $IPTABLES -t nat -A Cid31547X1798.1 -s 192.168.1.20 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid31547X1798.1 + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid31547X1798.1 + $IPTABLES -t nat -A Cid31547X1798.1 -s 192.168.1.10 -j ACCEPT + $IPTABLES -t nat -A Cid31547X1798.1 -s 192.168.1.20 -j ACCEPT $IPTABLES -t nat -N Cid31547X1798.2 - $IPTABLES -t nat -A PREROUTING -d 192.168.2.10 -j Cid31547X1798.2 - $IPTABLES -t nat -A PREROUTING -d 192.168.2.11 -j Cid31547X1798.2 - $IPTABLES -t nat -A Cid31547X1798.2 -s 192.168.1.10 -j ACCEPT - $IPTABLES -t nat -A Cid31547X1798.2 -s 192.168.1.20 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -d 192.168.2.10 -j Cid31547X1798.2 + $IPTABLES -t nat -A PREROUTING -d 192.168.2.11 -j Cid31547X1798.2 + $IPTABLES -t nat -A Cid31547X1798.2 -s 192.168.1.10 -j ACCEPT + $IPTABLES -t nat -A Cid31547X1798.2 -s 192.168.1.20 -j ACCEPT # # Rule 10 (NAT) # echo "Rule 10 (NAT)" # $IPTABLES -t nat -N Cid31565X1798.0 - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.10 -j Cid31565X1798.0 - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.20 -j Cid31565X1798.0 - $IPTABLES -t nat -A PREROUTING -s 192.168.1.10 -j Cid31565X1798.0 - $IPTABLES -t nat -A PREROUTING -s 192.168.1.20 -j Cid31565X1798.0 - $IPTABLES -t nat -A Cid31565X1798.0 -d 192.168.2.10 -j RETURN - $IPTABLES -t nat -A Cid31565X1798.0 -d 192.168.2.11 -j RETURN - $IPTABLES -t nat -A Cid31565X1798.0 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.10 -j Cid31565X1798.0 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.20 -j Cid31565X1798.0 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.10 -j Cid31565X1798.0 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.20 -j Cid31565X1798.0 + $IPTABLES -t nat -A Cid31565X1798.0 -d 192.168.2.10 -j RETURN + $IPTABLES -t nat -A Cid31565X1798.0 -d 192.168.2.11 -j RETURN + $IPTABLES -t nat -A Cid31565X1798.0 -j ACCEPT # # Rule 11 (NAT) # echo "Rule 11 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 # # Rule 12 (NAT) # echo "Rule 12 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 13 (NAT) # echo "Rule 13 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.23.23 -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.25.50 -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.23.23 -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.25.50 -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 14 (NAT) # echo "Rule 14 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -s 200.200.200.200 -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -s 200.200.200.200 -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 16 (NAT) # echo "Rule 16 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.24 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.25 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.24 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.25 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.24 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.25 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.24 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.25 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 17 (NAT) # echo "Rule 17 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 # # Rule 18 (NAT) # @@ -565,8 +565,8 @@ script_body() { # echo "Rule 19 (NAT)" # - $IPTABLES -t nat -A PREROUTING -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 - $IPTABLES -t nat -A OUTPUT -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A PREROUTING -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A OUTPUT -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 # # Rule 20 (NAT) # @@ -580,102 +580,102 @@ script_body() { echo "Rule 21 (NAT)" # # NETMAP - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 # # Rule 22 (NAT) # echo "Rule 22 (NAT)" # # NETMAP - $IPTABLES -t nat -A PREROUTING -d 22.22.22.0/24 -j NETMAP --to 192.168.1.0/24 + $IPTABLES -t nat -A PREROUTING -d 22.22.22.0/24 -j NETMAP --to 192.168.1.0/24 # # Rule 23 (NAT) # echo "Rule 23 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 # # Rule 24 (NAT) # echo "Rule 24 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.10 --dport 80 -j SNAT --to-source 192.168.1.1 # # Rule 25 (NAT) # echo "Rule 25 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 # # Rule 26 (NAT) # echo "Rule 26 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 443 -j REDIRECT --to-ports 3128 # # Rule 27 (NAT) # echo "Rule 27 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 # # Rule 28 (NAT) # echo "Rule 28 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 # # Rule 29 (NAT) # echo "Rule 29 (NAT)" # # transparent proxy rule - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 22.22.22.23 -j DNAT --to-destination 192.168.2.10 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 22.22.22.23 -j DNAT --to-destination 192.168.2.10 # # Rule 31 (NAT) # echo "Rule 31 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 # # Rule 32 (NAT) # echo "Rule 32 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 # # Rule 33 (NAT) # @@ -687,9 +687,9 @@ script_body() { # echo "Rule 34 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s ! 192.168.1.10 -d 192.168.1.10 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 35 (NAT) @@ -697,11 +697,11 @@ script_body() { echo "Rule 35 (NAT)" # $IPTABLES -t nat -N Cid31935X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid31935X1798.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid31935X1798.0 - $IPTABLES -t nat -A Cid31935X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid31935X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid31935X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid31935X1798.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid31935X1798.0 + $IPTABLES -t nat -A Cid31935X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid31935X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid31935X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 # # Rule 36 (NAT) # @@ -709,18 +709,18 @@ script_body() { # $IPTABLES -t nat -N Cid31949X1798.1 $IPTABLES -t nat -A POSTROUTING -o eth0 -j Cid31949X1798.1 - $IPTABLES -t nat -A Cid31949X1798.1 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid31949X1798.1 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid31949X1798.1 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid31949X1798.1 -s 192.168.1.20 -j RETURN $IPTABLES -t nat -N Cid31949X1798.0 - $IPTABLES -t nat -A Cid31949X1798.1 -j Cid31949X1798.0 - $IPTABLES -t nat -A Cid31949X1798.0 -p tcp -m tcp --dport 80 -j RETURN - $IPTABLES -t nat -A Cid31949X1798.0 -j SNAT --to-source 192.168.1.1 + $IPTABLES -t nat -A Cid31949X1798.1 -j Cid31949X1798.0 + $IPTABLES -t nat -A Cid31949X1798.0 -p tcp -m tcp --dport 80 -j RETURN + $IPTABLES -t nat -A Cid31949X1798.0 -j SNAT --to-source 192.168.1.1 # # Rule 37 (NAT) # echo "Rule 37 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s 192.168.1.0/24 -d 192.168.1.10 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 38 (NAT) @@ -736,7 +736,7 @@ script_body() { # echo "Rule 39 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 40 (NAT) # @@ -754,11 +754,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid32019X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32019X1798.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32019X1798.0 - $IPTABLES -t nat -A Cid32019X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid32019X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid32019X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32019X1798.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32019X1798.0 + $IPTABLES -t nat -A Cid32019X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid32019X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid32019X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 42 (NAT) # @@ -767,11 +767,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid32033X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32033X1798.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32033X1798.0 - $IPTABLES -t nat -A Cid32033X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid32033X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid32033X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32033X1798.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32033X1798.0 + $IPTABLES -t nat -A Cid32033X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid32033X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid32033X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 43 (NAT) # @@ -780,10 +780,10 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid32047X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32047X1798.0 - $IPTABLES -t nat -A Cid32047X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid32047X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid32047X1798.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32047X1798.0 + $IPTABLES -t nat -A Cid32047X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid32047X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid32047X1798.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 # # Rule 44 (NAT) # @@ -801,11 +801,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid32075X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32075X1798.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32075X1798.0 - $IPTABLES -t nat -A Cid32075X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid32075X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid32075X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32075X1798.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32075X1798.0 + $IPTABLES -t nat -A Cid32075X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid32075X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid32075X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 @@ -1420,7 +1420,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:07 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:10 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-2.fw.orig b/test/ipt/firewall2-2.fw.orig index 62f79b01d..f21c8c6b4 100755 --- a/test/ipt/firewall2-2.fw.orig +++ b/test/ipt/firewall2-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:11 2011 PST by vadim +# Generated Thu Feb 17 17:34:15 2011 PST by vadim # # files: * firewall2-2.fw /etc/fw/firewall2-2.fw # @@ -459,100 +459,100 @@ script_body() { echo "Rule 9 (NAT)" # $IPTABLES -t nat -N Cid32503X1798.0 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid32503X1798.0 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid32503X1798.0 - $IPTABLES -t nat -A Cid32503X1798.0 -s 22.22.22.22 -j ACCEPT - $IPTABLES -t nat -A Cid32503X1798.0 -s 22.22.23.23 -j ACCEPT - $IPTABLES -t nat -A Cid32503X1798.0 -s 22.22.25.50 -j ACCEPT - $IPTABLES -t nat -A Cid32503X1798.0 -s 192.168.1.1 -j ACCEPT - $IPTABLES -t nat -A Cid32503X1798.0 -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A Cid32503X1798.0 -s 192.168.2.40 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -d 192.168.2.10 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -d 192.168.2.11 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid32503X1798.0 + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid32503X1798.0 + $IPTABLES -t nat -A Cid32503X1798.0 -s 22.22.22.22 -j ACCEPT + $IPTABLES -t nat -A Cid32503X1798.0 -s 22.22.23.23 -j ACCEPT + $IPTABLES -t nat -A Cid32503X1798.0 -s 22.22.25.50 -j ACCEPT + $IPTABLES -t nat -A Cid32503X1798.0 -s 192.168.1.1 -j ACCEPT + $IPTABLES -t nat -A Cid32503X1798.0 -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A Cid32503X1798.0 -s 192.168.2.40 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -d 192.168.2.10 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -d 192.168.2.11 -j ACCEPT $IPTABLES -t nat -N Cid32503X1798.1 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid32503X1798.1 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid32503X1798.1 - $IPTABLES -t nat -A Cid32503X1798.1 -s 192.168.1.10 -j ACCEPT - $IPTABLES -t nat -A Cid32503X1798.1 -s 192.168.1.20 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid32503X1798.1 + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid32503X1798.1 + $IPTABLES -t nat -A Cid32503X1798.1 -s 192.168.1.10 -j ACCEPT + $IPTABLES -t nat -A Cid32503X1798.1 -s 192.168.1.20 -j ACCEPT $IPTABLES -t nat -N Cid32503X1798.2 - $IPTABLES -t nat -A PREROUTING -d 192.168.2.10 -j Cid32503X1798.2 - $IPTABLES -t nat -A PREROUTING -d 192.168.2.11 -j Cid32503X1798.2 - $IPTABLES -t nat -A Cid32503X1798.2 -s 192.168.1.10 -j ACCEPT - $IPTABLES -t nat -A Cid32503X1798.2 -s 192.168.1.20 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -d 192.168.2.10 -j Cid32503X1798.2 + $IPTABLES -t nat -A PREROUTING -d 192.168.2.11 -j Cid32503X1798.2 + $IPTABLES -t nat -A Cid32503X1798.2 -s 192.168.1.10 -j ACCEPT + $IPTABLES -t nat -A Cid32503X1798.2 -s 192.168.1.20 -j ACCEPT # # Rule 10 (NAT) # echo "Rule 10 (NAT)" # $IPTABLES -t nat -N Cid32521X1798.0 - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.10 -j Cid32521X1798.0 - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.20 -j Cid32521X1798.0 - $IPTABLES -t nat -A PREROUTING -s 192.168.1.10 -j Cid32521X1798.0 - $IPTABLES -t nat -A PREROUTING -s 192.168.1.20 -j Cid32521X1798.0 - $IPTABLES -t nat -A Cid32521X1798.0 -d 192.168.2.10 -j RETURN - $IPTABLES -t nat -A Cid32521X1798.0 -d 192.168.2.11 -j RETURN - $IPTABLES -t nat -A Cid32521X1798.0 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.10 -j Cid32521X1798.0 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.20 -j Cid32521X1798.0 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.10 -j Cid32521X1798.0 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.20 -j Cid32521X1798.0 + $IPTABLES -t nat -A Cid32521X1798.0 -d 192.168.2.10 -j RETURN + $IPTABLES -t nat -A Cid32521X1798.0 -d 192.168.2.11 -j RETURN + $IPTABLES -t nat -A Cid32521X1798.0 -j ACCEPT # # Rule 11 (NAT) # echo "Rule 11 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 # # Rule 12 (NAT) # echo "Rule 12 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 13 (NAT) # echo "Rule 13 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.23.23 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.25.50 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.23.23 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.25.50 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 14 (NAT) # echo "Rule 14 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -s 200.200.200.200 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -s 200.200.200.200 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 16 (NAT) # echo "Rule 16 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 17 (NAT) # echo "Rule 17 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 # # Rule 18 (NAT) # @@ -564,8 +564,8 @@ script_body() { # echo "Rule 19 (NAT)" # - $IPTABLES -t nat -A PREROUTING -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 - $IPTABLES -t nat -A OUTPUT -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A PREROUTING -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A OUTPUT -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 # # Rule 20 (NAT) # @@ -579,102 +579,102 @@ script_body() { echo "Rule 21 (NAT)" # # NETMAP - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 # # Rule 22 (NAT) # echo "Rule 22 (NAT)" # # NETMAP - $IPTABLES -t nat -A PREROUTING -d 22.22.22.0/24 -j NETMAP --to 192.168.1.0/24 + $IPTABLES -t nat -A PREROUTING -d 22.22.22.0/24 -j NETMAP --to 192.168.1.0/24 # # Rule 23 (NAT) # echo "Rule 23 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 # # Rule 24 (NAT) # echo "Rule 24 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.10 --dport 80 -j SNAT --to-source 192.168.1.1 # # Rule 25 (NAT) # echo "Rule 25 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 # # Rule 26 (NAT) # echo "Rule 26 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 443 -j REDIRECT --to-ports 3128 # # Rule 27 (NAT) # echo "Rule 27 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 # # Rule 28 (NAT) # echo "Rule 28 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 # # Rule 29 (NAT) # echo "Rule 29 (NAT)" # # transparent proxy rule - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 22.22.22.23 -j DNAT --to-destination 192.168.2.10 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 22.22.22.23 -j DNAT --to-destination 192.168.2.10 # # Rule 31 (NAT) # echo "Rule 31 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 # # Rule 32 (NAT) # echo "Rule 32 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 # # Rule 33 (NAT) # @@ -686,9 +686,9 @@ script_body() { # echo "Rule 34 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s ! 192.168.1.10 -d 192.168.1.10 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 35 (NAT) @@ -696,11 +696,11 @@ script_body() { echo "Rule 35 (NAT)" # $IPTABLES -t nat -N Cid32891X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid32891X1798.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid32891X1798.0 - $IPTABLES -t nat -A Cid32891X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid32891X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid32891X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid32891X1798.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid32891X1798.0 + $IPTABLES -t nat -A Cid32891X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid32891X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid32891X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 # # Rule 36 (NAT) # @@ -708,18 +708,18 @@ script_body() { # $IPTABLES -t nat -N Cid32905X1798.1 $IPTABLES -t nat -A POSTROUTING -o eth0 -j Cid32905X1798.1 - $IPTABLES -t nat -A Cid32905X1798.1 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid32905X1798.1 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid32905X1798.1 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid32905X1798.1 -s 192.168.1.20 -j RETURN $IPTABLES -t nat -N Cid32905X1798.0 - $IPTABLES -t nat -A Cid32905X1798.1 -j Cid32905X1798.0 - $IPTABLES -t nat -A Cid32905X1798.0 -p tcp -m tcp --dport 80 -j RETURN - $IPTABLES -t nat -A Cid32905X1798.0 -j SNAT --to-source 192.168.1.1 + $IPTABLES -t nat -A Cid32905X1798.1 -j Cid32905X1798.0 + $IPTABLES -t nat -A Cid32905X1798.0 -p tcp -m tcp --dport 80 -j RETURN + $IPTABLES -t nat -A Cid32905X1798.0 -j SNAT --to-source 192.168.1.1 # # Rule 37 (NAT) # echo "Rule 37 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s 192.168.1.0/24 -d 192.168.1.10 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 38 (NAT) @@ -735,7 +735,7 @@ script_body() { # echo "Rule 39 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 40 (NAT) # @@ -753,11 +753,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid32975X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32975X1798.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32975X1798.0 - $IPTABLES -t nat -A Cid32975X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid32975X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid32975X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32975X1798.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32975X1798.0 + $IPTABLES -t nat -A Cid32975X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid32975X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid32975X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 42 (NAT) # @@ -766,11 +766,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid32989X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32989X1798.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32989X1798.0 - $IPTABLES -t nat -A Cid32989X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid32989X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid32989X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid32989X1798.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid32989X1798.0 + $IPTABLES -t nat -A Cid32989X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid32989X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid32989X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 43 (NAT) # @@ -779,10 +779,10 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid33003X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid33003X1798.0 - $IPTABLES -t nat -A Cid33003X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid33003X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid33003X1798.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid33003X1798.0 + $IPTABLES -t nat -A Cid33003X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid33003X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid33003X1798.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 # # Rule 44 (NAT) # @@ -800,11 +800,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid33031X1798.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid33031X1798.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid33031X1798.0 - $IPTABLES -t nat -A Cid33031X1798.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid33031X1798.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid33031X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid33031X1798.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid33031X1798.0 + $IPTABLES -t nat -A Cid33031X1798.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid33031X1798.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid33031X1798.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 @@ -1249,7 +1249,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:11 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:15 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-3.fw.orig b/test/ipt/firewall2-3.fw.orig index 7c0c7ea86..4993be30c 100755 --- a/test/ipt/firewall2-3.fw.orig +++ b/test/ipt/firewall2-3.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:15 2011 PST by vadim +# Generated Thu Feb 17 17:34:18 2011 PST by vadim # # files: * firewall2-3.fw /etc/fw/firewall2-3.fw # @@ -444,100 +444,100 @@ script_body() { echo "Rule 9 (NAT)" # $IPTABLES -t nat -N Cid35496X1833.0 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid35496X1833.0 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid35496X1833.0 - $IPTABLES -t nat -A Cid35496X1833.0 -s 22.22.22.22 -j ACCEPT - $IPTABLES -t nat -A Cid35496X1833.0 -s 22.22.23.23 -j ACCEPT - $IPTABLES -t nat -A Cid35496X1833.0 -s 22.22.25.50 -j ACCEPT - $IPTABLES -t nat -A Cid35496X1833.0 -s 192.168.1.1 -j ACCEPT - $IPTABLES -t nat -A Cid35496X1833.0 -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A Cid35496X1833.0 -s 192.168.2.40 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -d 192.168.2.10 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -d 192.168.2.11 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid35496X1833.0 + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid35496X1833.0 + $IPTABLES -t nat -A Cid35496X1833.0 -s 22.22.22.22 -j ACCEPT + $IPTABLES -t nat -A Cid35496X1833.0 -s 22.22.23.23 -j ACCEPT + $IPTABLES -t nat -A Cid35496X1833.0 -s 22.22.25.50 -j ACCEPT + $IPTABLES -t nat -A Cid35496X1833.0 -s 192.168.1.1 -j ACCEPT + $IPTABLES -t nat -A Cid35496X1833.0 -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A Cid35496X1833.0 -s 192.168.2.40 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -d 192.168.2.10 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -d 192.168.2.11 -j ACCEPT $IPTABLES -t nat -N Cid35496X1833.1 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid35496X1833.1 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid35496X1833.1 - $IPTABLES -t nat -A Cid35496X1833.1 -s 192.168.1.10 -j ACCEPT - $IPTABLES -t nat -A Cid35496X1833.1 -s 192.168.1.20 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid35496X1833.1 + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid35496X1833.1 + $IPTABLES -t nat -A Cid35496X1833.1 -s 192.168.1.10 -j ACCEPT + $IPTABLES -t nat -A Cid35496X1833.1 -s 192.168.1.20 -j ACCEPT $IPTABLES -t nat -N Cid35496X1833.2 - $IPTABLES -t nat -A PREROUTING -d 192.168.2.10 -j Cid35496X1833.2 - $IPTABLES -t nat -A PREROUTING -d 192.168.2.11 -j Cid35496X1833.2 - $IPTABLES -t nat -A Cid35496X1833.2 -s 192.168.1.10 -j ACCEPT - $IPTABLES -t nat -A Cid35496X1833.2 -s 192.168.1.20 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -d 192.168.2.10 -j Cid35496X1833.2 + $IPTABLES -t nat -A PREROUTING -d 192.168.2.11 -j Cid35496X1833.2 + $IPTABLES -t nat -A Cid35496X1833.2 -s 192.168.1.10 -j ACCEPT + $IPTABLES -t nat -A Cid35496X1833.2 -s 192.168.1.20 -j ACCEPT # # Rule 10 (NAT) # echo "Rule 10 (NAT)" # $IPTABLES -t nat -N Cid35514X1833.0 - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.10 -j Cid35514X1833.0 - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.20 -j Cid35514X1833.0 - $IPTABLES -t nat -A PREROUTING -s 192.168.1.10 -j Cid35514X1833.0 - $IPTABLES -t nat -A PREROUTING -s 192.168.1.20 -j Cid35514X1833.0 - $IPTABLES -t nat -A Cid35514X1833.0 -d 192.168.2.10 -j RETURN - $IPTABLES -t nat -A Cid35514X1833.0 -d 192.168.2.11 -j RETURN - $IPTABLES -t nat -A Cid35514X1833.0 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.10 -j Cid35514X1833.0 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.20 -j Cid35514X1833.0 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.10 -j Cid35514X1833.0 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.20 -j Cid35514X1833.0 + $IPTABLES -t nat -A Cid35514X1833.0 -d 192.168.2.10 -j RETURN + $IPTABLES -t nat -A Cid35514X1833.0 -d 192.168.2.11 -j RETURN + $IPTABLES -t nat -A Cid35514X1833.0 -j ACCEPT # # Rule 11 (NAT) # echo "Rule 11 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 # # Rule 12 (NAT) # echo "Rule 12 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 13 (NAT) # echo "Rule 13 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.23.23 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.25.50 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.23.23 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.25.50 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 14 (NAT) # echo "Rule 14 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -s 200.200.200.200 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -s 200.200.200.200 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 16 (NAT) # echo "Rule 16 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 17 (NAT) # echo "Rule 17 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 # # Rule 18 (NAT) # @@ -549,8 +549,8 @@ script_body() { # echo "Rule 19 (NAT)" # - $IPTABLES -t nat -A PREROUTING -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 - $IPTABLES -t nat -A OUTPUT -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A PREROUTING -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A OUTPUT -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 # # Rule 20 (NAT) # @@ -564,102 +564,102 @@ script_body() { echo "Rule 21 (NAT)" # # NETMAP - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 # # Rule 22 (NAT) # echo "Rule 22 (NAT)" # # NETMAP - $IPTABLES -t nat -A PREROUTING -d 22.22.22.0/24 -j NETMAP --to 192.168.1.0/24 + $IPTABLES -t nat -A PREROUTING -d 22.22.22.0/24 -j NETMAP --to 192.168.1.0/24 # # Rule 23 (NAT) # echo "Rule 23 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 # # Rule 24 (NAT) # echo "Rule 24 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.10 --dport 80 -j SNAT --to-source 192.168.1.1 # # Rule 25 (NAT) # echo "Rule 25 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 # # Rule 26 (NAT) # echo "Rule 26 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 443 -j REDIRECT --to-ports 3128 # # Rule 27 (NAT) # echo "Rule 27 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 # # Rule 28 (NAT) # echo "Rule 28 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 # # Rule 29 (NAT) # echo "Rule 29 (NAT)" # # transparent proxy rule - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 22.22.22.23 -j DNAT --to-destination 192.168.2.10 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 22.22.22.23 -j DNAT --to-destination 192.168.2.10 # # Rule 31 (NAT) # echo "Rule 31 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 # # Rule 32 (NAT) # echo "Rule 32 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 # # Rule 33 (NAT) # @@ -671,9 +671,9 @@ script_body() { # echo "Rule 34 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s ! 192.168.1.10 -d 192.168.1.10 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 35 (NAT) @@ -681,11 +681,11 @@ script_body() { echo "Rule 35 (NAT)" # $IPTABLES -t nat -N Cid35884X1833.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid35884X1833.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid35884X1833.0 - $IPTABLES -t nat -A Cid35884X1833.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid35884X1833.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid35884X1833.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid35884X1833.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid35884X1833.0 + $IPTABLES -t nat -A Cid35884X1833.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid35884X1833.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid35884X1833.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 # # Rule 36 (NAT) # @@ -693,18 +693,18 @@ script_body() { # $IPTABLES -t nat -N Cid35898X1833.1 $IPTABLES -t nat -A POSTROUTING -o eth0 -j Cid35898X1833.1 - $IPTABLES -t nat -A Cid35898X1833.1 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid35898X1833.1 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid35898X1833.1 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid35898X1833.1 -s 192.168.1.20 -j RETURN $IPTABLES -t nat -N Cid35898X1833.0 - $IPTABLES -t nat -A Cid35898X1833.1 -j Cid35898X1833.0 - $IPTABLES -t nat -A Cid35898X1833.0 -p tcp -m tcp --dport 80 -j RETURN - $IPTABLES -t nat -A Cid35898X1833.0 -j SNAT --to-source 192.168.1.1 + $IPTABLES -t nat -A Cid35898X1833.1 -j Cid35898X1833.0 + $IPTABLES -t nat -A Cid35898X1833.0 -p tcp -m tcp --dport 80 -j RETURN + $IPTABLES -t nat -A Cid35898X1833.0 -j SNAT --to-source 192.168.1.1 # # Rule 37 (NAT) # echo "Rule 37 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s 192.168.1.0/24 -d 192.168.1.10 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 38 (NAT) @@ -720,7 +720,7 @@ script_body() { # echo "Rule 39 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 40 (NAT) # @@ -738,11 +738,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid35968X1833.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid35968X1833.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid35968X1833.0 - $IPTABLES -t nat -A Cid35968X1833.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid35968X1833.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid35968X1833.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid35968X1833.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid35968X1833.0 + $IPTABLES -t nat -A Cid35968X1833.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid35968X1833.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid35968X1833.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 42 (NAT) # @@ -751,11 +751,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid35982X1833.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid35982X1833.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid35982X1833.0 - $IPTABLES -t nat -A Cid35982X1833.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid35982X1833.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid35982X1833.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid35982X1833.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid35982X1833.0 + $IPTABLES -t nat -A Cid35982X1833.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid35982X1833.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid35982X1833.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 43 (NAT) # @@ -764,10 +764,10 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid35996X1833.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid35996X1833.0 - $IPTABLES -t nat -A Cid35996X1833.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid35996X1833.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid35996X1833.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid35996X1833.0 + $IPTABLES -t nat -A Cid35996X1833.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid35996X1833.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid35996X1833.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 # # Rule 44 (NAT) # @@ -785,11 +785,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid36024X1833.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid36024X1833.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid36024X1833.0 - $IPTABLES -t nat -A Cid36024X1833.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid36024X1833.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid36024X1833.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid36024X1833.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid36024X1833.0 + $IPTABLES -t nat -A Cid36024X1833.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid36024X1833.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid36024X1833.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 @@ -1120,7 +1120,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:15 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:18 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-4.fw.orig b/test/ipt/firewall2-4.fw.orig index f02a2581a..2904a9346 100755 --- a/test/ipt/firewall2-4.fw.orig +++ b/test/ipt/firewall2-4.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:18 2011 PST by vadim +# Generated Thu Feb 17 17:34:23 2011 PST by vadim # # files: * firewall2-4.fw /etc/fw/firewall2-4.fw # @@ -331,9 +331,9 @@ script_body() { echo "Rule 5 (NAT)" # # firewall2-4:NAT:5: error: Non-contiguous address range in Translated Destination in load balancing NAT rule - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10-192.168.1.20 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10-192.168.1.20 # firewall2-4:NAT:5: error: Non-contiguous address range in Translated Destination in load balancing NAT rule - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10-192.168.1.20 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10-192.168.1.20 # # Rule 6 (NAT) # @@ -346,7 +346,7 @@ script_body() { # echo "Rule 8 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j NETMAP --to 22.22.22.0/24 + $IPTABLES -t nat -A POSTROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j NETMAP --to 22.22.22.0/24 # # Rule 11 (NAT) # @@ -424,7 +424,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:18 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:23 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-5.fw.orig b/test/ipt/firewall2-5.fw.orig index c3dd96d86..c8166778d 100755 --- a/test/ipt/firewall2-5.fw.orig +++ b/test/ipt/firewall2-5.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:21 2011 PST by vadim +# Generated Thu Feb 17 17:34:26 2011 PST by vadim # # files: * firewall2-5.fw /etc/fw/firewall2-5.fw # @@ -322,7 +322,7 @@ script_body() { echo "Rule 0 (NAT)" # # NETMAP and no -o itf - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 # # Rule 1 (NAT) # @@ -453,7 +453,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:21 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:26 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2.fw.orig b/test/ipt/firewall2.fw.orig index 97a95ede0..876097d04 100755 --- a/test/ipt/firewall2.fw.orig +++ b/test/ipt/firewall2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:00 2011 PST by vadim +# Generated Thu Feb 17 17:34:03 2011 PST by vadim # # files: * firewall2.fw /etc/fw/firewall2.fw # @@ -482,100 +482,100 @@ script_body() { echo "Rule 11 (NAT)" # $IPTABLES -t nat -N Cid3D1519E8.0 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid3D1519E8.0 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid3D1519E8.0 - $IPTABLES -t nat -A Cid3D1519E8.0 -s 22.22.22.22 -j ACCEPT - $IPTABLES -t nat -A Cid3D1519E8.0 -s 22.22.23.23 -j ACCEPT - $IPTABLES -t nat -A Cid3D1519E8.0 -s 22.22.25.50 -j ACCEPT - $IPTABLES -t nat -A Cid3D1519E8.0 -s 192.168.1.1 -j ACCEPT - $IPTABLES -t nat -A Cid3D1519E8.0 -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A Cid3D1519E8.0 -s 192.168.2.40 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -d 192.168.2.10 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -d 192.168.2.11 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid3D1519E8.0 + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid3D1519E8.0 + $IPTABLES -t nat -A Cid3D1519E8.0 -s 22.22.22.22 -j ACCEPT + $IPTABLES -t nat -A Cid3D1519E8.0 -s 22.22.23.23 -j ACCEPT + $IPTABLES -t nat -A Cid3D1519E8.0 -s 22.22.25.50 -j ACCEPT + $IPTABLES -t nat -A Cid3D1519E8.0 -s 192.168.1.1 -j ACCEPT + $IPTABLES -t nat -A Cid3D1519E8.0 -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A Cid3D1519E8.0 -s 192.168.2.40 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -d 192.168.2.10 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -d 192.168.2.11 -j ACCEPT $IPTABLES -t nat -N Cid3D1519E8.1 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid3D1519E8.1 - $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid3D1519E8.1 - $IPTABLES -t nat -A Cid3D1519E8.1 -s 192.168.1.10 -j ACCEPT - $IPTABLES -t nat -A Cid3D1519E8.1 -s 192.168.1.20 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.10 -j Cid3D1519E8.1 + $IPTABLES -t nat -A POSTROUTING -d 192.168.2.11 -j Cid3D1519E8.1 + $IPTABLES -t nat -A Cid3D1519E8.1 -s 192.168.1.10 -j ACCEPT + $IPTABLES -t nat -A Cid3D1519E8.1 -s 192.168.1.20 -j ACCEPT $IPTABLES -t nat -N Cid3D1519E8.2 - $IPTABLES -t nat -A PREROUTING -d 192.168.2.10 -j Cid3D1519E8.2 - $IPTABLES -t nat -A PREROUTING -d 192.168.2.11 -j Cid3D1519E8.2 - $IPTABLES -t nat -A Cid3D1519E8.2 -s 192.168.1.10 -j ACCEPT - $IPTABLES -t nat -A Cid3D1519E8.2 -s 192.168.1.20 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -d 192.168.2.10 -j Cid3D1519E8.2 + $IPTABLES -t nat -A PREROUTING -d 192.168.2.11 -j Cid3D1519E8.2 + $IPTABLES -t nat -A Cid3D1519E8.2 -s 192.168.1.10 -j ACCEPT + $IPTABLES -t nat -A Cid3D1519E8.2 -s 192.168.1.20 -j ACCEPT # # Rule 12 (NAT) # echo "Rule 12 (NAT)" # $IPTABLES -t nat -N Cid3D151BA0.0 - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.10 -j Cid3D151BA0.0 - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.20 -j Cid3D151BA0.0 - $IPTABLES -t nat -A PREROUTING -s 192.168.1.10 -j Cid3D151BA0.0 - $IPTABLES -t nat -A PREROUTING -s 192.168.1.20 -j Cid3D151BA0.0 - $IPTABLES -t nat -A Cid3D151BA0.0 -d 192.168.2.10 -j RETURN - $IPTABLES -t nat -A Cid3D151BA0.0 -d 192.168.2.11 -j RETURN - $IPTABLES -t nat -A Cid3D151BA0.0 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.10 -j Cid3D151BA0.0 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.20 -j Cid3D151BA0.0 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.10 -j Cid3D151BA0.0 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.20 -j Cid3D151BA0.0 + $IPTABLES -t nat -A Cid3D151BA0.0 -d 192.168.2.10 -j RETURN + $IPTABLES -t nat -A Cid3D151BA0.0 -d 192.168.2.11 -j RETURN + $IPTABLES -t nat -A Cid3D151BA0.0 -j ACCEPT # # Rule 13 (NAT) # echo "Rule 13 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 # # Rule 14 (NAT) # echo "Rule 14 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 15 (NAT) # echo "Rule 15 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.23.23 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.25.50 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.23.23 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -s 22.22.25.50 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 16 (NAT) # echo "Rule 16 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -s 200.200.200.200 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -s 200.200.200.200 -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 18 (NAT) # echo "Rule 18 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.24 --dports 80,119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.25 --dports 80,119 -j DNAT --to-destination 192.168.1.10 # # Rule 19 (NAT) # echo "Rule 19 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 119 -j DNAT --to-destination 192.168.1.10 # # Rule 20 (NAT) # @@ -587,8 +587,8 @@ script_body() { # echo "Rule 21 (NAT)" # - $IPTABLES -t nat -A PREROUTING -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 - $IPTABLES -t nat -A OUTPUT -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A PREROUTING -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A OUTPUT -d 22.22.23.24 -j DNAT --to-destination 192.168.1.20 # # Rule 22 (NAT) # @@ -602,102 +602,102 @@ script_body() { echo "Rule 23 (NAT)" # # NETMAP - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j NETMAP --to 22.22.22.0/24 # # Rule 24 (NAT) # echo "Rule 24 (NAT)" # # NETMAP - $IPTABLES -t nat -A PREROUTING -d 22.22.22.0/24 -j NETMAP --to 192.168.1.0/24 + $IPTABLES -t nat -A PREROUTING -d 22.22.22.0/24 -j NETMAP --to 192.168.1.0/24 # # Rule 25 (NAT) # echo "Rule 25 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.1 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.2.40 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10:10000-11000 # # Rule 26 (NAT) # echo "Rule 26 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.25.50 --dport 80 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.10 --dport 80 -j SNAT --to-source 192.168.1.1 # # Rule 27 (NAT) # echo "Rule 27 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.23 --dport 80 -j DNAT --to-destination 192.168.1.10:25 # # Rule 28 (NAT) # echo "Rule 28 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 80 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 443 -j REDIRECT --to-ports 3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.25.50 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 443 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.40 --dport 443 -j REDIRECT --to-ports 3128 # # Rule 29 (NAT) # echo "Rule 29 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.10-192.168.1.100 # # Rule 30 (NAT) # echo "Rule 30 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 22.22.22.22 --dport 8080 -j DNAT --to-destination 192.168.1.11-192.168.1.15 # # Rule 31 (NAT) # echo "Rule 31 (NAT)" # # transparent proxy rule - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 22.22.22.23 -j DNAT --to-destination 192.168.2.10 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 22.22.22.23 -j DNAT --to-destination 192.168.2.10 # # Rule 33 (NAT) # echo "Rule 33 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination :8080 # # Rule 34 (NAT) # echo "Rule 34 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:8080 # # Rule 35 (NAT) # @@ -709,9 +709,9 @@ script_body() { # echo "Rule 36 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s ! 192.168.1.10 -d 192.168.1.10 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 37 (NAT) @@ -719,11 +719,11 @@ script_body() { echo "Rule 37 (NAT)" # $IPTABLES -t nat -N Cid40F195C3.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid40F195C3.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid40F195C3.0 - $IPTABLES -t nat -A Cid40F195C3.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid40F195C3.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid40F195C3.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid40F195C3.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -d ! 192.168.1.50 --dport 80 -j Cid40F195C3.0 + $IPTABLES -t nat -A Cid40F195C3.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid40F195C3.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid40F195C3.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 # # Rule 38 (NAT) # @@ -731,18 +731,18 @@ script_body() { # $IPTABLES -t nat -N Cid40F1C52F.1 $IPTABLES -t nat -A POSTROUTING -o eth0 -j Cid40F1C52F.1 - $IPTABLES -t nat -A Cid40F1C52F.1 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid40F1C52F.1 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid40F1C52F.1 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid40F1C52F.1 -s 192.168.1.20 -j RETURN $IPTABLES -t nat -N Cid40F1C52F.0 - $IPTABLES -t nat -A Cid40F1C52F.1 -j Cid40F1C52F.0 - $IPTABLES -t nat -A Cid40F1C52F.0 -p tcp -m tcp --dport 80 -j RETURN - $IPTABLES -t nat -A Cid40F1C52F.0 -j SNAT --to-source 192.168.1.1 + $IPTABLES -t nat -A Cid40F1C52F.1 -j Cid40F1C52F.0 + $IPTABLES -t nat -A Cid40F1C52F.0 -p tcp -m tcp --dport 80 -j RETURN + $IPTABLES -t nat -A Cid40F1C52F.0 -j SNAT --to-source 192.168.1.1 # # Rule 39 (NAT) # echo "Rule 39 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.10:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s 192.168.1.0/24 -d 192.168.1.10 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 40 (NAT) @@ -758,7 +758,7 @@ script_body() { # echo "Rule 41 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 42 (NAT) # @@ -776,11 +776,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid46D67A4324736.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid46D67A4324736.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid46D67A4324736.0 - $IPTABLES -t nat -A Cid46D67A4324736.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid46D67A4324736.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid46D67A4324736.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid46D67A4324736.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid46D67A4324736.0 + $IPTABLES -t nat -A Cid46D67A4324736.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid46D67A4324736.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid46D67A4324736.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 44 (NAT) # @@ -789,11 +789,11 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid46D67A5924736.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid46D67A5924736.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid46D67A5924736.0 - $IPTABLES -t nat -A Cid46D67A5924736.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid46D67A5924736.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid46D67A5924736.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid46D67A5924736.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid46D67A5924736.0 + $IPTABLES -t nat -A Cid46D67A5924736.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid46D67A5924736.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid46D67A5924736.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128 # # Rule 45 (NAT) # @@ -802,10 +802,10 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid46D49F3624736.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid46D49F3624736.0 - $IPTABLES -t nat -A Cid46D49F3624736.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid46D49F3624736.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid46D49F3624736.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid46D49F3624736.0 + $IPTABLES -t nat -A Cid46D49F3624736.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid46D49F3624736.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid46D49F3624736.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 # # Rule 46 (NAT) # @@ -823,36 +823,36 @@ script_body() { # testing transparent proxy # roules for a support req. $IPTABLES -t nat -N Cid46D6AA2F24736.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid46D6AA2F24736.0 - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid46D6AA2F24736.0 - $IPTABLES -t nat -A Cid46D6AA2F24736.0 -s 192.168.1.10 -j RETURN - $IPTABLES -t nat -A Cid46D6AA2F24736.0 -s 192.168.1.20 -j RETURN - $IPTABLES -t nat -A Cid46D6AA2F24736.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j Cid46D6AA2F24736.0 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j Cid46D6AA2F24736.0 + $IPTABLES -t nat -A Cid46D6AA2F24736.0 -s 192.168.1.10 -j RETURN + $IPTABLES -t nat -A Cid46D6AA2F24736.0 -s 192.168.1.20 -j RETURN + $IPTABLES -t nat -A Cid46D6AA2F24736.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.50:3128 # # Rule 48 (NAT) # echo "Rule 48 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 3050:3051 -j DNAT --to-destination :700 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 3050:3051 -j DNAT --to-destination :700 $IPTABLES -t nat -A POSTROUTING -o eth+ -p tcp -m tcp -s 192.168.1.0/24 --dport 700 -j SNAT --to-source 192.168.1.10 # # Rule 49 (NAT) # echo "Rule 49 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 9040 -j REDIRECT --to-ports 9040 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp --dport 9040 -j REDIRECT --to-ports 9040 # # Rule 50 (NAT) # echo "Rule 50 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m owner --uid-owner anonymous -j REDIRECT --to-ports 9040 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m owner --uid-owner anonymous -j REDIRECT --to-ports 9040 # # Rule 52 (NAT) # echo "Rule 52 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p udp -m udp -m owner --uid-owner anonymous -j REDIRECT --to-ports 53 + $IPTABLES -t nat -A OUTPUT -p udp -m udp -m owner --uid-owner anonymous -j REDIRECT --to-ports 53 @@ -1470,7 +1470,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:00 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:03 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall20-ipv6.fw.orig b/test/ipt/firewall20-ipv6.fw.orig index 3ce4773f0..a8e1986e0 100755 --- a/test/ipt/firewall20-ipv6.fw.orig +++ b/test/ipt/firewall20-ipv6.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:03 2011 PST by vadim +# Generated Thu Feb 17 17:34:06 2011 PST by vadim # # files: * firewall20-ipv6.fw /etc/fw/firewall20-ipv6.fw # @@ -456,7 +456,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:03 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:06 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall20.fw.orig b/test/ipt/firewall20.fw.orig index 0dc326e0b..69e519293 100755 --- a/test/ipt/firewall20.fw.orig +++ b/test/ipt/firewall20.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:01 2011 PST by vadim +# Generated Thu Feb 17 17:34:04 2011 PST by vadim # # files: * firewall20.fw /etc/fw/firewall20.fw # @@ -354,24 +354,24 @@ script_body() { eval "addr_list=$cmd" for addr in $addr_list do - test -n "$addr" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $addr --dport 22 -j DNAT --to-destination 192.168.1.10:22 + test -n "$addr" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $addr --dport 22 -j DNAT --to-destination 192.168.1.10:22 done done - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 # # Rule 6 (NAT) # echo "Rule 6 (NAT)" # - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 200.200.200.200 -j DNAT --to-destination 192.168.2.10 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 200.200.200.200 -j DNAT --to-destination 192.168.2.10 $IPTABLES -t nat -A POSTROUTING -o eth2 -s 192.168.1.0/24 -d 192.168.2.10 -j SNAT --to-source 192.168.2.1 # # Rule 7 (NAT) # echo "Rule 7 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10 getinterfaces ppp | while read I; do ivar=$(getInterfaceVarName $I) getaddr $I $ivar @@ -379,7 +379,7 @@ script_body() { eval "addr_list=$cmd" for addr in $addr_list do - test -n "$addr" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $addr --dport 22 -j DNAT --to-destination 192.168.1.10 + test -n "$addr" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $addr --dport 22 -j DNAT --to-destination 192.168.1.10 done done @@ -674,7 +674,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:01 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:04 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall21-1.fw.orig b/test/ipt/firewall21-1.fw.orig index 0a998d0ca..b566958a9 100755 --- a/test/ipt/firewall21-1.fw.orig +++ b/test/ipt/firewall21-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:07 2011 PST by vadim +# Generated Thu Feb 17 17:34:10 2011 PST by vadim # # files: * firewall21-1.fw /etc/fw/firewall21-1.fw # @@ -303,11 +303,11 @@ script_body() { # for i_eth0 in $i_eth0_list do - test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.10 + test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.10 done for i_eth1 in $i_eth1_list do - test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -d $i_eth1 -j DNAT --to-destination 192.168.1.10 + test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -d $i_eth1 -j DNAT --to-destination 192.168.1.10 done # # Rule 1 (NAT) @@ -316,11 +316,11 @@ script_body() { # for i_eth0 in $i_eth0_list do - test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.10 --random --persistent + test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.10 --random --persistent done for i_eth1 in $i_eth1_list do - test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -d $i_eth1 -j DNAT --to-destination 192.168.1.10 --random --persistent + test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -d $i_eth1 -j DNAT --to-destination 192.168.1.10 --random --persistent done # # Rule 2 (NAT) @@ -470,7 +470,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:07 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:10 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall21.fw.orig b/test/ipt/firewall21.fw.orig index 6e1461cbe..2137baf14 100755 --- a/test/ipt/firewall21.fw.orig +++ b/test/ipt/firewall21.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:04 2011 PST by vadim +# Generated Thu Feb 17 17:34:07 2011 PST by vadim # # files: * firewall21.fw /etc/fw/firewall21.fw # @@ -302,11 +302,11 @@ script_body() { # for i_eth0 in $i_eth0_list do - test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.10 + test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.10 done for i_eth1 in $i_eth1_list do - test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -d $i_eth1 -j DNAT --to-destination 192.168.1.10 + test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -d $i_eth1 -j DNAT --to-destination 192.168.1.10 done # # Rule 1 (NAT) @@ -315,11 +315,11 @@ script_body() { # for i_eth0 in $i_eth0_list do - test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.10 --random + test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.10 --random done for i_eth1 in $i_eth1_list do - test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -d $i_eth1 -j DNAT --to-destination 192.168.1.10 --random + test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -d $i_eth1 -j DNAT --to-destination 192.168.1.10 --random done # # Rule 2 (NAT) @@ -469,7 +469,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:04 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:07 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall22.fw.orig b/test/ipt/firewall22.fw.orig index 5ee1cdb33..f5eb940cc 100755 --- a/test/ipt/firewall22.fw.orig +++ b/test/ipt/firewall22.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:10 2011 PST by vadim +# Generated Thu Feb 17 17:34:13 2011 PST by vadim # # files: * firewall22.fw /etc/fw/firewall22.fw # @@ -302,13 +302,13 @@ script_body() { # echo "Rule 1 (NAT)" # - $IPTABLES -t nat -A PREROUTING -d 192.168.2.1 -m string --string test_pattern -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -d 192.168.2.1 -m string --string test_pattern -j DNAT --to-destination 192.168.1.10 # # Rule 2 (NAT) # echo "Rule 2 (NAT)" # - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -m string --string test_pattern -j DNAT --to-destination 200.200.200.200 + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -m string --string test_pattern -j DNAT --to-destination 200.200.200.200 $IPTABLES -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -d 200.200.200.200 -m string --string test_pattern -j SNAT --to-source 192.168.2.1 @@ -390,7 +390,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:10 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:13 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall23-1.fw.orig b/test/ipt/firewall23-1.fw.orig index 0e60a7933..84ba59181 100755 --- a/test/ipt/firewall23-1.fw.orig +++ b/test/ipt/firewall23-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:15 2011 PST by vadim +# Generated Thu Feb 17 17:34:19 2011 PST by vadim # # files: * firewall23-1.fw /etc/fw/firewall23-1.fw # @@ -564,7 +564,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:15 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:19 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall23.fw.orig b/test/ipt/firewall23.fw.orig index 4da77da2f..bbf5eda1e 100755 --- a/test/ipt/firewall23.fw.orig +++ b/test/ipt/firewall23.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:13 2011 PST by vadim +# Generated Thu Feb 17 17:34:16 2011 PST by vadim # # files: * firewall23.fw /etc/fw/firewall23.fw # @@ -476,7 +476,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:13 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:16 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall24.fw.orig b/test/ipt/firewall24.fw.orig index f3b7795a0..14b5af429 100755 --- a/test/ipt/firewall24.fw.orig +++ b/test/ipt/firewall24.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:18 2011 PST by vadim +# Generated Thu Feb 17 17:34:21 2011 PST by vadim # # files: * firewall24.fw /etc/fw/firewall24.fw # @@ -493,7 +493,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:18 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall25.fw.orig b/test/ipt/firewall25.fw.orig index dbec5fbcf..c05c865b9 100755 --- a/test/ipt/firewall25.fw.orig +++ b/test/ipt/firewall25.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:22 2011 PST by vadim +# Generated Thu Feb 17 17:34:26 2011 PST by vadim # # files: * firewall25.fw /etc/fw/firewall25.fw # @@ -617,14 +617,14 @@ script_body() { eval "addr_list=$cmd" for addr in $addr_list do - test -n "$addr" && echo "-A PREROUTING -p tcp -m tcp -d $addr --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + test -n "$addr" && echo "-A PREROUTING -p tcp -m tcp -d $addr --dport 22 -j DNAT --to-destination 192.168.1.10:22 " done done - echo "-A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " - echo "-A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + echo "-A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + echo "-A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " # # Rule 3 (NAT) - echo "-A PREROUTING -s 192.168.1.0/24 -d ! 200.200.200.200 -j DNAT --to-destination 192.168.2.10 " + echo "-A PREROUTING -s 192.168.1.0/24 -d ! 200.200.200.200 -j DNAT --to-destination 192.168.2.10 " echo "-A POSTROUTING -o eth2 -s 192.168.1.0/24 -d 192.168.2.10 -j SNAT --to-source 192.168.2.1 " # echo COMMIT @@ -687,7 +687,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:22 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:26 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall26.fw.orig b/test/ipt/firewall26.fw.orig index 9a24879cc..290c00cee 100755 --- a/test/ipt/firewall26.fw.orig +++ b/test/ipt/firewall26.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:24 2011 PST by vadim +# Generated Thu Feb 17 17:34:29 2011 PST by vadim # # files: * firewall26.fw /etc/fw/firewall26.fw # @@ -493,13 +493,13 @@ script_body() { # Rule 2 (NAT) for i_ppp in $i_ppp_list do - test -n "$i_ppp" && echo "-A PREROUTING -p tcp -m tcp -d $i_ppp --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + test -n "$i_ppp" && echo "-A PREROUTING -p tcp -m tcp -d $i_ppp --dport 22 -j DNAT --to-destination 192.168.1.10:22 " done - echo "-A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " - echo "-A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + echo "-A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + echo "-A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " # # Rule 3 (NAT) - echo "-A PREROUTING -s 192.168.1.0/24 -d ! 200.200.200.200 -j DNAT --to-destination 192.168.2.10 " + echo "-A PREROUTING -s 192.168.1.0/24 -d ! 200.200.200.200 -j DNAT --to-destination 192.168.2.10 " echo "-A POSTROUTING -o eth2 -s 192.168.1.0/24 -d 192.168.2.10 -j SNAT --to-source 192.168.2.1 " # echo COMMIT @@ -562,7 +562,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:24 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:29 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall27.fw.orig b/test/ipt/firewall27.fw.orig index 3f081b44d..96236dafd 100755 --- a/test/ipt/firewall27.fw.orig +++ b/test/ipt/firewall27.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:25 2011 PST by vadim +# Generated Thu Feb 17 17:34:32 2011 PST by vadim # # files: * firewall27.fw /etc/fw/firewall27.fw # @@ -478,12 +478,12 @@ script_body() { echo "-A POSTROUTING -o ppp -s 192.168.1.0/24 -j SNAT --to-source 22.22.22.23 " # # Rule 2 (NAT) - echo "-A PREROUTING -p tcp -m tcp -d 192.0.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " - echo "-A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " - echo "-A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + echo "-A PREROUTING -p tcp -m tcp -d 192.0.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + echo "-A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " + echo "-A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 " # # Rule 3 (NAT) - echo "-A PREROUTING -s 192.168.1.0/24 -d ! 200.200.200.200 -j DNAT --to-destination 192.168.2.10 " + echo "-A PREROUTING -s 192.168.1.0/24 -d ! 200.200.200.200 -j DNAT --to-destination 192.168.2.10 " echo "-A POSTROUTING -o eth2 -s 192.168.1.0/24 -d 192.168.2.10 -j SNAT --to-source 192.168.2.1 " # echo COMMIT @@ -546,7 +546,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:25 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:32 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall28.fw.orig b/test/ipt/firewall28.fw.orig index 90e6b9681..531a7f83f 100755 --- a/test/ipt/firewall28.fw.orig +++ b/test/ipt/firewall28.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:27 2011 PST by vadim +# Generated Thu Feb 17 17:34:33 2011 PST by vadim # # files: * firewall28.fw /etc/fw/firewall28.fw # @@ -407,7 +407,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:27 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:33 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall29.fw.orig b/test/ipt/firewall29.fw.orig index af08bb553..f915f8194 100755 --- a/test/ipt/firewall29.fw.orig +++ b/test/ipt/firewall29.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:28 2011 PST by vadim +# Generated Thu Feb 17 17:34:36 2011 PST by vadim # # files: * firewall29.fw /etc/fw/firewall29.fw # @@ -302,11 +302,11 @@ script_body() { # for i_eth0_200 in $i_eth0_200_list do - test -n "$i_eth0_200" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_200 -j DNAT --to-destination 192.168.1.10 + test -n "$i_eth0_200" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_200 -j DNAT --to-destination 192.168.1.10 done for i_eth0_100 in $i_eth0_100_list do - test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_100 -j DNAT --to-destination 192.168.1.10 + test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_100 -j DNAT --to-destination 192.168.1.10 done @@ -440,7 +440,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:28 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:36 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall3.fw.orig b/test/ipt/firewall3.fw.orig index 652605002..90d002217 100755 --- a/test/ipt/firewall3.fw.orig +++ b/test/ipt/firewall3.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:30 2011 PST by vadim +# Generated Thu Feb 17 17:34:36 2011 PST by vadim # # files: * firewall3.fw /etc/fw/firewall3.fw # @@ -578,7 +578,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:30 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:36 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall30.fw.orig b/test/ipt/firewall30.fw.orig index 3dd13217e..6080be8ce 100755 --- a/test/ipt/firewall30.fw.orig +++ b/test/ipt/firewall30.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:31 2011 PST by vadim +# Generated Thu Feb 17 17:34:39 2011 PST by vadim # # files: * firewall30.fw /etc/fw/firewall30.fw # @@ -375,7 +375,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:31 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:39 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall31.fw.orig b/test/ipt/firewall31.fw.orig index fe868531a..29fcef032 100755 --- a/test/ipt/firewall31.fw.orig +++ b/test/ipt/firewall31.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:33 2011 PST by vadim +# Generated Thu Feb 17 17:34:40 2011 PST by vadim # # files: * firewall31.fw /etc/fw/firewall31.fw # @@ -445,7 +445,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:33 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:40 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall32.fw.orig b/test/ipt/firewall32.fw.orig index 711fecd03..83b34b553 100755 --- a/test/ipt/firewall32.fw.orig +++ b/test/ipt/firewall32.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:34 2011 PST by vadim +# Generated Thu Feb 17 17:34:42 2011 PST by vadim # # files: * firewall32.fw /etc/fw/firewall32.fw # @@ -299,7 +299,7 @@ script_body() { # for i_eth0_100 in $i_eth0_100_list do - test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_100 -j DNAT --to-destination 192.168.1.10 + test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_100 -j DNAT --to-destination 192.168.1.10 done @@ -416,7 +416,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:34 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:42 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall33-1.fw.orig b/test/ipt/firewall33-1.fw.orig index e9f0e091e..920cbe791 100755 --- a/test/ipt/firewall33-1.fw.orig +++ b/test/ipt/firewall33-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:49 2011 PST by vadim +# Generated Thu Feb 17 17:34:56 2011 PST by vadim # # files: * firewall33-1.fw /etc/fw/firewall33-1.fw # @@ -393,11 +393,11 @@ script_body() { # $IPTABLES -N Cid438728A918346.0 $IPTABLES -A Policy -m state --state NEW -j Cid438728A918346.0 - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.48 -j RETURN - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.49 -j RETURN - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.50 -j RETURN - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.51 -j RETURN - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.52 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.16 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.17 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.18 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.19 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.20 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.224.25 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.224.26 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.226.25 -j RETURN @@ -522,7 +522,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:49 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:56 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall33.fw.orig b/test/ipt/firewall33.fw.orig index 36399f15d..3abcddab8 100755 --- a/test/ipt/firewall33.fw.orig +++ b/test/ipt/firewall33.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:48 2011 PST by vadim +# Generated Thu Feb 17 17:34:54 2011 PST by vadim # # files: * firewall33.fw /etc/fw/firewall33.fw # @@ -303,7 +303,7 @@ script_body() { # for i_eth0_100 in $i_eth0_100_list do - test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_100 -j DNAT --to-destination 192.168.1.10 + test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_100 -j DNAT --to-destination 192.168.1.10 done # # Rule 1 (NAT) @@ -336,9 +336,9 @@ script_body() { # $IPTABLES -t nat -N Cid43876E7B18346.0 $IPTABLES -t nat -A POSTROUTING -o eth0.100 -j Cid43876E7B18346.0 - $IPTABLES -t nat -A Cid43876E7B18346.0 -d www.google.com -j RETURN - $IPTABLES -t nat -A Cid43876E7B18346.0 -d www.cnn.com -j RETURN - $IPTABLES -t nat -A Cid43876E7B18346.0 -j MASQUERADE + $IPTABLES -t nat -A Cid43876E7B18346.0 -d www.google.com -j RETURN + $IPTABLES -t nat -A Cid43876E7B18346.0 -d www.cnn.com -j RETURN + $IPTABLES -t nat -A Cid43876E7B18346.0 -j MASQUERADE @@ -442,11 +442,11 @@ script_body() { $IPTABLES -A OUTPUT -m state --state NEW -j Cid438728A918346.0 $IPTABLES -A INPUT -m state --state NEW -j Cid438728A918346.0 $IPTABLES -A FORWARD -m state --state NEW -j Cid438728A918346.0 - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.48 -j RETURN - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.49 -j RETURN - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.50 -j RETURN - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.51 -j RETURN - $IPTABLES -A Cid438728A918346.0 -d 74.125.224.52 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.16 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.17 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.18 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.19 -j RETURN + $IPTABLES -A Cid438728A918346.0 -d 74.125.224.20 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.224.25 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.224.26 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.226.25 -j RETURN @@ -571,7 +571,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:48 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:54 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall34.fw.orig b/test/ipt/firewall34.fw.orig index 279b95108..0d36749b1 100755 --- a/test/ipt/firewall34.fw.orig +++ b/test/ipt/firewall34.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:52 2011 PST by vadim +# Generated Thu Feb 17 17:34:58 2011 PST by vadim # # files: * firewall34.fw /etc/fw/firewall34.fw # @@ -303,12 +303,12 @@ script_body() { $IPTABLES -t nat -N Cid4389EEB018346.0 for i_eth0_100 in $i_eth0_100_list do - test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_eth0_100 --dport 25 -j Cid4389EEB018346.0 + test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_eth0_100 --dport 25 -j Cid4389EEB018346.0 done grep -Ev '^#|^;|^\s*$' block-hosts.tbl | while read L ; do - set $L; at_block_these=$1; $IPTABLES -t nat -A Cid4389EEB018346.0 -s $at_block_these -j RETURN + set $L; at_block_these=$1; $IPTABLES -t nat -A Cid4389EEB018346.0 -s $at_block_these -j RETURN done - $IPTABLES -t nat -A Cid4389EEB018346.0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A Cid4389EEB018346.0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.10 # # Rule 1 (NAT) # @@ -317,9 +317,9 @@ script_body() { $IPTABLES -t nat -N Cid43891B6E674.0 $IPTABLES -t nat -A POSTROUTING -o eth0.100 -s 192.168.1.0/24 -j Cid43891B6E674.0 grep -Ev '^#|^;|^\s*$' block-hosts.tbl | while read L ; do - set $L; at_block_these=$1; $IPTABLES -t nat -A Cid43891B6E674.0 -d $at_block_these -j RETURN + set $L; at_block_these=$1; $IPTABLES -t nat -A Cid43891B6E674.0 -d $at_block_these -j RETURN done - $IPTABLES -t nat -A Cid43891B6E674.0 -j MASQUERADE + $IPTABLES -t nat -A Cid43891B6E674.0 -j MASQUERADE @@ -648,7 +648,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:52 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:34:58 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall35.fw.orig b/test/ipt/firewall35.fw.orig index 4ecfd384e..5ba76ff41 100755 --- a/test/ipt/firewall35.fw.orig +++ b/test/ipt/firewall35.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:52 2011 PST by vadim +# Generated Thu Feb 17 17:35:00 2011 PST by vadim # # files: * firewall35.fw /etc/fw/firewall35.fw # @@ -465,20 +465,20 @@ script_body() { echo ":Cid4392558F25682.0 - [0:0]" for i_eth0_100 in $i_eth0_100_list do - test -n "$i_eth0_100" && echo "-A PREROUTING -p tcp -m tcp -d $i_eth0_100 --dport 25 -j Cid4392558F25682.0 " + test -n "$i_eth0_100" && echo "-A PREROUTING -p tcp -m tcp -d $i_eth0_100 --dport 25 -j Cid4392558F25682.0 " done grep -Ev '^#|^;|^\s*$' block-hosts.tbl | while read L ; do - set $L; at_block_these=$1; echo "-A Cid4392558F25682.0 -s $at_block_these -j RETURN " + set $L; at_block_these=$1; echo "-A Cid4392558F25682.0 -s $at_block_these -j RETURN " done - echo "-A Cid4392558F25682.0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.10 " + echo "-A Cid4392558F25682.0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.10 " # # Rule 1 (NAT) echo ":Cid4392559D25682.0 - [0:0]" echo "-A POSTROUTING -o eth0.100 -s 192.168.1.0/24 -j Cid4392559D25682.0 " grep -Ev '^#|^;|^\s*$' block-hosts.tbl | while read L ; do - set $L; at_block_these=$1; echo "-A Cid4392559D25682.0 -d $at_block_these -j RETURN " + set $L; at_block_these=$1; echo "-A Cid4392559D25682.0 -d $at_block_these -j RETURN " done - echo "-A Cid4392559D25682.0 -j MASQUERADE " + echo "-A Cid4392559D25682.0 -j MASQUERADE " # echo COMMIT @@ -540,7 +540,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:52 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:00 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall36-1.fw.orig b/test/ipt/firewall36-1.fw.orig index 5f297129f..eb6cd181e 100755 --- a/test/ipt/firewall36-1.fw.orig +++ b/test/ipt/firewall36-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:56 2011 PST by vadim +# Generated Thu Feb 17 17:35:03 2011 PST by vadim # # files: * firewall36-1.fw /etc/firewall36-1.fw # @@ -433,7 +433,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:56 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:03 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall36-2.fw.orig b/test/ipt/firewall36-2.fw.orig index 35426f2b8..7ee0e7f29 100755 --- a/test/ipt/firewall36-2.fw.orig +++ b/test/ipt/firewall36-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:59 2011 PST by vadim +# Generated Thu Feb 17 17:35:05 2011 PST by vadim # # files: * firewall36-2.fw /etc/firewall36-2.fw # @@ -433,7 +433,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:59 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:05 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall36.fw.orig b/test/ipt/firewall36.fw.orig index f1d113e3f..b19e74411 100755 --- a/test/ipt/firewall36.fw.orig +++ b/test/ipt/firewall36.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:25:55 2011 PST by vadim +# Generated Thu Feb 17 17:35:02 2011 PST by vadim # # files: * firewall36.fw /etc/firewall36.fw # @@ -535,7 +535,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:25:55 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:02 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall37-1.fw.orig b/test/ipt/firewall37-1.fw.orig index 5da1d7d83..36f7dc705 100755 --- a/test/ipt/firewall37-1.fw.orig +++ b/test/ipt/firewall37-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:02 2011 PST by vadim +# Generated Thu Feb 17 17:35:08 2011 PST by vadim # # files: * firewall37-1.fw /etc/fw/firewall37-1.fw # @@ -313,12 +313,12 @@ script_body() { # echo "Rule 0 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT # ================ Table 'mangle', rule set rule27_branch # @@ -769,7 +769,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:02 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:08 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall37.fw.orig b/test/ipt/firewall37.fw.orig index 00839dbf0..3b8a28dc7 100755 --- a/test/ipt/firewall37.fw.orig +++ b/test/ipt/firewall37.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:11 2011 PST by vadim +# Generated Thu Feb 17 17:35:18 2011 PST by vadim # # files: * firewall37.fw /etc/fw/firewall37.fw # @@ -318,12 +318,12 @@ script_body() { # echo "Rule 0 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT # ================ Table 'mangle', rule set mymark # @@ -1049,7 +1049,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:11 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:18 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall38.fw.orig b/test/ipt/firewall38.fw.orig index 2cbea4bd8..99a2bf600 100755 --- a/test/ipt/firewall38.fw.orig +++ b/test/ipt/firewall38.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:05 2011 PST by vadim +# Generated Thu Feb 17 17:35:11 2011 PST by vadim # # files: * firewall38.fw /etc/fw/firewall38.fw # @@ -498,7 +498,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:05 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:11 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall39.fw.orig b/test/ipt/firewall39.fw.orig index 0d9ae97b4..567d86bed 100755 --- a/test/ipt/firewall39.fw.orig +++ b/test/ipt/firewall39.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:14 2011 PST by vadim +# Generated Thu Feb 17 17:35:22 2011 PST by vadim # # files: * firewall39.fw /etc/fw/firewall39.fw # @@ -311,12 +311,12 @@ script_body() { # echo "Rule 0 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT - $IPTABLES -t nat -A OUTPUT -j ACCEPT - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 22.22.23.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.22 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.2.1 -j ACCEPT + $IPTABLES -t nat -A OUTPUT -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT # ================ Table 'mangle', rule set rule0_branch # @@ -876,7 +876,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:14 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:22 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall4.fw.orig b/test/ipt/firewall4.fw.orig index 8c1b7eb8f..9e8873379 100755 --- a/test/ipt/firewall4.fw.orig +++ b/test/ipt/firewall4.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:13 2011 PST by vadim +# Generated Thu Feb 17 17:35:22 2011 PST by vadim # # files: * firewall4.fw /etc/fw/firewall4.fw # @@ -338,11 +338,11 @@ script_body() { # for i_eth1 in $i_eth1_list do - test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_eth1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_eth1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 done - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 22 -j DNAT --to-destination 192.168.1.10:22 # # Rule 6 (NAT) # @@ -350,7 +350,7 @@ script_body() { # for i_eth1 in $i_eth1_list do - test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_eth1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + test -n "$i_eth1" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_eth1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 done @@ -710,7 +710,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:13 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:22 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall40-1.fw.orig b/test/ipt/firewall40-1.fw.orig index 93c0c7215..f631df876 100755 --- a/test/ipt/firewall40-1.fw.orig +++ b/test/ipt/firewall40-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:17 2011 PST by vadim +# Generated Thu Feb 17 17:35:26 2011 PST by vadim # # files: * firewall40-1.fw /etc/firewall40-1.fw # @@ -450,7 +450,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:17 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:26 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall40-2.fw.orig b/test/ipt/firewall40-2.fw.orig index 4e2756544..8e87d04e4 100755 --- a/test/ipt/firewall40-2.fw.orig +++ b/test/ipt/firewall40-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:19 2011 PST by vadim +# Generated Thu Feb 17 17:35:29 2011 PST by vadim # # files: * firewall40-2.fw /etc/firewall40-2.fw # @@ -437,7 +437,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:19 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:29 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall40.fw.orig b/test/ipt/firewall40.fw.orig index a23c2c6ef..72a633ccf 100755 --- a/test/ipt/firewall40.fw.orig +++ b/test/ipt/firewall40.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:16 2011 PST by vadim +# Generated Thu Feb 17 17:35:25 2011 PST by vadim # # files: * firewall40.fw /etc/firewall40.fw # @@ -439,7 +439,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:16 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:25 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall41-1.fw.orig b/test/ipt/firewall41-1.fw.orig index 2c3caeab6..d654d9c64 100755 --- a/test/ipt/firewall41-1.fw.orig +++ b/test/ipt/firewall41-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:22 2011 PST by vadim +# Generated Thu Feb 17 17:35:32 2011 PST by vadim # # files: * firewall41-1.fw /etc/firewall41-1.fw # @@ -443,14 +443,14 @@ script_body() { # $IPTABLES -t nat -N Cid2287813X9995.0 $IPTABLES -t nat -A POSTROUTING -o eth0 -j Cid2287813X9995.0 - $IPTABLES -t nat -A Cid2287813X9995.0 -m set --set atbl.1 src -j RETURN - $IPTABLES -t nat -A Cid2287813X9995.0 -j SNAT --to-source 1.1.1.1 + $IPTABLES -t nat -A Cid2287813X9995.0 -m set --set atbl.1 src -j RETURN + $IPTABLES -t nat -A Cid2287813X9995.0 -j SNAT --to-source 1.1.1.1 # # Rule 2 (NAT) # echo "Rule 2 (NAT)" # - $IPTABLES -t nat -A PREROUTING -m set --set atbl.1 dst -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -m set --set atbl.1 dst -j DNAT --to-destination 192.168.1.10 @@ -575,7 +575,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:22 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:32 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall41.fw.orig b/test/ipt/firewall41.fw.orig index 0e7b50fa2..6b2947667 100755 --- a/test/ipt/firewall41.fw.orig +++ b/test/ipt/firewall41.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:25 2011 PST by vadim +# Generated Thu Feb 17 17:35:34 2011 PST by vadim # # files: * firewall41.fw /etc/firewall41.fw # @@ -456,7 +456,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:25 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:34 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall42.fw.orig b/test/ipt/firewall42.fw.orig index f9b5afd5b..b86bee5eb 100755 --- a/test/ipt/firewall42.fw.orig +++ b/test/ipt/firewall42.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:28 2011 PST by vadim +# Generated Thu Feb 17 17:35:37 2011 PST by vadim # # files: * firewall42.fw /etc/fw/firewall42.fw # @@ -382,7 +382,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:28 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:37 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall5.fw.orig b/test/ipt/firewall5.fw.orig index 35db8dda3..40b083616 100755 --- a/test/ipt/firewall5.fw.orig +++ b/test/ipt/firewall5.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:28 2011 PST by vadim +# Generated Thu Feb 17 17:35:38 2011 PST by vadim # # files: * firewall5.fw /etc/fw/firewall5.fw # @@ -324,14 +324,14 @@ script_body() { # for i_ppp0 in $i_ppp0_list do - test -n "$i_ppp0" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_ppp0 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + test -n "$i_ppp0" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_ppp0 --dport 22 -j DNAT --to-destination 192.168.1.10:22 done for i_ppp1 in $i_ppp1_list do - test -n "$i_ppp1" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_ppp1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + test -n "$i_ppp1" && $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d $i_ppp1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 done - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10:22 @@ -622,7 +622,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:28 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:38 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall50.fw.orig b/test/ipt/firewall50.fw.orig index 93649f57c..9d21541b7 100755 --- a/test/ipt/firewall50.fw.orig +++ b/test/ipt/firewall50.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:31 2011 PST by vadim +# Generated Thu Feb 17 17:35:41 2011 PST by vadim # # files: * firewall50.fw /etc/fw/firewall50.fw # @@ -407,7 +407,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:31 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:41 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall51.fw.orig b/test/ipt/firewall51.fw.orig index fd697c3c5..19618809d 100755 --- a/test/ipt/firewall51.fw.orig +++ b/test/ipt/firewall51.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:34 2011 PST by vadim +# Generated Thu Feb 17 17:35:44 2011 PST by vadim # # files: * firewall51.fw /etc/fw/firewall51.fw # @@ -491,7 +491,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:34 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:44 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall6.fw.orig b/test/ipt/firewall6.fw.orig index f1c32dd13..9ca42bbfa 100755 --- a/test/ipt/firewall6.fw.orig +++ b/test/ipt/firewall6.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:34 2011 PST by vadim +# Generated Thu Feb 17 17:35:44 2011 PST by vadim # # files: * firewall6.fw /etc/fw/firewall6.fw # @@ -306,7 +306,7 @@ script_body() { # echo "Rule 1 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.24 --dport 80 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.24 --dport 80 -j DNAT --to-destination 192.168.1.20 # # Rule 2 (NAT) # @@ -315,14 +315,14 @@ script_body() { # this is SDNAT rule, it translates # both source and destination # this rule should be equivalent to two rules above - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 -d 22.22.23.24 --dport 80 -j DNAT --to-destination 192.168.1.20 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 -d 22.22.23.24 --dport 80 -j DNAT --to-destination 192.168.1.20 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s 192.168.1.0/24 -d 192.168.1.20 --dport 80 -j SNAT --to-source 192.168.1.1 # # Rule 3 (NAT) # echo "Rule 3 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.11 --dport 80 -j SNAT --to-source 192.168.1.1 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.12 --dport 80 -j SNAT --to-source 192.168.1.1 # @@ -330,7 +330,7 @@ script_body() { # echo "Rule 4 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.11 --dport 80 -j SNAT --to-source 192.168.1.1 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.12 --dport 80 -j SNAT --to-source 192.168.1.1 # @@ -338,10 +338,10 @@ script_body() { # echo "Rule 5 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.22 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.23.23 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1 --dport 80 -j DNAT --to-destination 192.168.1.11-192.168.1.12 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.11 --dport 80 -j SNAT --to-source 192.168.1.1 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -d 192.168.1.12 --dport 80 -j SNAT --to-source 192.168.1.1 # @@ -349,7 +349,7 @@ script_body() { # echo "Rule 6 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.100 --dport 80 -j DNAT --to-destination 192.168.1.100:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.100 --dport 80 -j DNAT --to-destination 192.168.1.100:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s ! 192.168.1.100 -d 192.168.1.100 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 7 (NAT) @@ -357,10 +357,10 @@ script_body() { echo "Rule 7 (NAT)" # $IPTABLES -t nat -N Cid3F9F8382.0 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j Cid3F9F8382.0 - $IPTABLES -t nat -A Cid3F9F8382.0 -d 222.222.222.40 -j RETURN - $IPTABLES -t nat -A Cid3F9F8382.0 -d 222.222.222.41 -j RETURN - $IPTABLES -t nat -A Cid3F9F8382.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.100:3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j Cid3F9F8382.0 + $IPTABLES -t nat -A Cid3F9F8382.0 -d 222.222.222.40 -j RETURN + $IPTABLES -t nat -A Cid3F9F8382.0 -d 222.222.222.41 -j RETURN + $IPTABLES -t nat -A Cid3F9F8382.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.100:3128 $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp -m tcp -s 192.168.1.0/24 -d 192.168.1.100 --dport 3128 -j SNAT --to-source 192.168.1.1 # # Rule 8 (NAT) @@ -513,7 +513,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:34 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:44 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall60.fw.orig b/test/ipt/firewall60.fw.orig index 6a8ebcdc8..2a012f2dc 100755 --- a/test/ipt/firewall60.fw.orig +++ b/test/ipt/firewall60.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:37 2011 PST by vadim +# Generated Thu Feb 17 17:35:47 2011 PST by vadim # # files: * firewall60.fw /etc/firewall60.fw # @@ -419,7 +419,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:37 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:47 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall61-1.2.5.fw.orig b/test/ipt/firewall61-1.2.5.fw.orig index 88a51ba4f..2f093f4df 100755 --- a/test/ipt/firewall61-1.2.5.fw.orig +++ b/test/ipt/firewall61-1.2.5.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:38 2011 PST by vadim +# Generated Thu Feb 17 17:35:48 2011 PST by vadim # # files: * firewall61-1.2.5.fw /etc/firewall61-1.2.5.fw # @@ -499,7 +499,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:38 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:48 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall61-1.2.6.fw.orig b/test/ipt/firewall61-1.2.6.fw.orig index 4a0285f96..b2411616e 100755 --- a/test/ipt/firewall61-1.2.6.fw.orig +++ b/test/ipt/firewall61-1.2.6.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:41 2011 PST by vadim +# Generated Thu Feb 17 17:35:52 2011 PST by vadim # # files: * firewall61-1.2.6.fw /etc/firewall61-1.2.6.fw # @@ -505,7 +505,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:41 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:52 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall61-1.3.x.fw.orig b/test/ipt/firewall61-1.3.x.fw.orig index c2083107d..b2322e5ae 100755 --- a/test/ipt/firewall61-1.3.x.fw.orig +++ b/test/ipt/firewall61-1.3.x.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:42 2011 PST by vadim +# Generated Thu Feb 17 17:35:53 2011 PST by vadim # # files: * firewall61-1.3.x.fw /etc/firewall61-1.3.x.fw # @@ -492,7 +492,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:42 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:53 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall61-1.4.fw.orig b/test/ipt/firewall61-1.4.fw.orig index a5843e45f..37f6555ab 100755 --- a/test/ipt/firewall61-1.4.fw.orig +++ b/test/ipt/firewall61-1.4.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:45 2011 PST by vadim +# Generated Thu Feb 17 17:35:56 2011 PST by vadim # # files: * firewall61-1.4.fw /etc/firewall61-1.4.fw # @@ -493,7 +493,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:45 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:56 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall62.fw.orig b/test/ipt/firewall62.fw.orig index 03a50a02f..c92c978f6 100755 --- a/test/ipt/firewall62.fw.orig +++ b/test/ipt/firewall62.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:45 2011 PST by vadim +# Generated Thu Feb 17 17:35:56 2011 PST by vadim # # files: * firewall62.fw /etc/firewall62.fw # @@ -543,7 +543,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:45 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:56 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall63.fw.orig b/test/ipt/firewall63.fw.orig index 3838701d4..f406fec67 100755 --- a/test/ipt/firewall63.fw.orig +++ b/test/ipt/firewall63.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:48 2011 PST by vadim +# Generated Thu Feb 17 17:35:59 2011 PST by vadim # # files: * firewall63.fw /etc/firewall63.fw # @@ -389,7 +389,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:48 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:59 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall7.fw.orig b/test/ipt/firewall7.fw.orig index 5aa704376..b63cf3042 100755 --- a/test/ipt/firewall7.fw.orig +++ b/test/ipt/firewall7.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:48 2011 PST by vadim +# Generated Thu Feb 17 17:35:59 2011 PST by vadim # # files: * firewall7.fw /etc/fw/firewall7.fw # @@ -473,7 +473,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:48 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:59 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall70.fw.orig b/test/ipt/firewall70.fw.orig index c4a2756ca..e8fbc4dfc 100755 --- a/test/ipt/firewall70.fw.orig +++ b/test/ipt/firewall70.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:52 2011 PST by vadim +# Generated Thu Feb 17 17:36:04 2011 PST by vadim # # files: * firewall70.fw iptables.sh # @@ -412,7 +412,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:52 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:04 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall71.fw.orig b/test/ipt/firewall71.fw.orig index efa210ce8..55239f771 100755 --- a/test/ipt/firewall71.fw.orig +++ b/test/ipt/firewall71.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:52 2011 PST by vadim +# Generated Thu Feb 17 17:36:04 2011 PST by vadim # # files: * firewall71.fw /etc/fw/firewall71.fw # @@ -428,7 +428,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:52 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:04 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall72-1.3.x.fw.orig b/test/ipt/firewall72-1.3.x.fw.orig index aec43d616..6653cfd59 100755 --- a/test/ipt/firewall72-1.3.x.fw.orig +++ b/test/ipt/firewall72-1.3.x.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:55 2011 PST by vadim +# Generated Thu Feb 17 17:36:07 2011 PST by vadim # # files: * firewall72-1.3.x.fw /etc/fw/firewall72-1.3.x.fw # @@ -343,15 +343,15 @@ script_body() { $IPTABLES -t nat -N Cid212911X8629.0 $IPTABLES -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j Cid212911X8629.0 $IPTABLES -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -j Cid212911X8629.0 - $IPTABLES -t nat -A Cid212911X8629.0 -d 192.168.1.0/24 -j RETURN - $IPTABLES -t nat -A Cid212911X8629.0 -d 192.168.2.0/24 -j RETURN - $IPTABLES -t nat -A Cid212911X8629.0 -j SNAT --to-source 172.16.1.1 + $IPTABLES -t nat -A Cid212911X8629.0 -d 192.168.1.0/24 -j RETURN + $IPTABLES -t nat -A Cid212911X8629.0 -d 192.168.2.0/24 -j RETURN + $IPTABLES -t nat -A Cid212911X8629.0 -j SNAT --to-source 172.16.1.1 # # Rule 5 (NAT) # echo "Rule 5 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 -d ! 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 -d ! 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 @@ -555,7 +555,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:55 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:07 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall72-1.4.3.fw.orig b/test/ipt/firewall72-1.4.3.fw.orig index 3afe28fce..193ade8b9 100755 --- a/test/ipt/firewall72-1.4.3.fw.orig +++ b/test/ipt/firewall72-1.4.3.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:55 2011 PST by vadim +# Generated Thu Feb 17 17:36:07 2011 PST by vadim # # files: * firewall72-1.4.3.fw /etc/fw/firewall72-1.4.3.fw # @@ -343,15 +343,15 @@ script_body() { $IPTABLES -t nat -N Cid213031X8629.0 $IPTABLES -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j Cid213031X8629.0 $IPTABLES -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -j Cid213031X8629.0 - $IPTABLES -t nat -A Cid213031X8629.0 -d 192.168.1.0/24 -j RETURN - $IPTABLES -t nat -A Cid213031X8629.0 -d 192.168.2.0/24 -j RETURN - $IPTABLES -t nat -A Cid213031X8629.0 -j SNAT --to-source 172.16.1.1 + $IPTABLES -t nat -A Cid213031X8629.0 -d 192.168.1.0/24 -j RETURN + $IPTABLES -t nat -A Cid213031X8629.0 -d 192.168.2.0/24 -j RETURN + $IPTABLES -t nat -A Cid213031X8629.0 -j SNAT --to-source 172.16.1.1 # # Rule 5 (NAT) # echo "Rule 5 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 ! -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.168.1.0/24 ! -d 192.168.1.1 --dport 80 -j REDIRECT --to-ports 3128 @@ -555,7 +555,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:55 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:07 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall73.fw.orig b/test/ipt/firewall73.fw.orig index 9f5475273..c3fafe331 100755 --- a/test/ipt/firewall73.fw.orig +++ b/test/ipt/firewall73.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:58 2011 PST by vadim +# Generated Thu Feb 17 17:36:11 2011 PST by vadim # # files: * firewall73.fw /etc/fw/firewall73.fw # @@ -523,7 +523,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:58 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:11 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall74.fw.orig b/test/ipt/firewall74.fw.orig index 150c7d717..1d8e303ef 100755 --- a/test/ipt/firewall74.fw.orig +++ b/test/ipt/firewall74.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:58 2011 PST by vadim +# Generated Thu Feb 17 17:36:11 2011 PST by vadim # # files: * firewall74.fw /etc/fw/firewall74.fw # @@ -375,7 +375,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:26:58 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:11 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall8.fw.orig b/test/ipt/firewall8.fw.orig index 05f2a4077..f07de2217 100755 --- a/test/ipt/firewall8.fw.orig +++ b/test/ipt/firewall8.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:01 2011 PST by vadim +# Generated Thu Feb 17 17:36:14 2011 PST by vadim # # files: * firewall8.fw /etc/fw/firewall8.fw # @@ -358,7 +358,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:01 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:14 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall80.fw.orig b/test/ipt/firewall80.fw.orig index c6405991c..d935a613a 100755 --- a/test/ipt/firewall80.fw.orig +++ b/test/ipt/firewall80.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:02 2011 PST by vadim +# Generated Thu Feb 17 17:36:15 2011 PST by vadim # # files: * firewall80.fw /etc/fw/firewall80.fw # @@ -298,8 +298,8 @@ script_body() { # # DNAT Rule $IPTABLES -t nat -N NAT_1_PREROUTING - $IPTABLES -t nat -A NAT_1_PREROUTING -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A OUTPUT -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A NAT_1_PREROUTING -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A OUTPUT -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 # # Rule NAT_1 1 (NAT) # @@ -317,33 +317,33 @@ script_body() { # # Branch rule with actual translation. Translation is ignored and warning should be issued # firewall80:NAT:0: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch' - $IPTABLES -t nat -A POSTROUTING -d 192.0.2.1 -j NAT_1_POSTROUTING + $IPTABLES -t nat -A POSTROUTING -d 192.0.2.1 -j NAT_1_POSTROUTING # firewall80:NAT:0: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch' - $IPTABLES -t nat -A PREROUTING -d 192.0.2.1 -j NAT_1_PREROUTING + $IPTABLES -t nat -A PREROUTING -d 192.0.2.1 -j NAT_1_PREROUTING # # Rule 1 (NAT) # echo "Rule 1 (NAT)" # # DNAT Rule - $IPTABLES -t nat -A POSTROUTING -j NAT_1_POSTROUTING - $IPTABLES -t nat -A PREROUTING -j NAT_1_PREROUTING + $IPTABLES -t nat -A POSTROUTING -j NAT_1_POSTROUTING + $IPTABLES -t nat -A PREROUTING -j NAT_1_PREROUTING # # Rule 2 (NAT) # echo "Rule 2 (NAT)" # # for #1686 - $IPTABLES -t nat -A POSTROUTING -p tcp -m tcp -s 192.0.2.1 --dport 10000:11000 -j NAT_1_POSTROUTING - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.0.2.1 --dport 10000:11000 -j NAT_1_PREROUTING + $IPTABLES -t nat -A POSTROUTING -p tcp -m tcp -s 192.0.2.1 --dport 10000:11000 -j NAT_1_POSTROUTING + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.0.2.1 --dport 10000:11000 -j NAT_1_PREROUTING # # Rule 3 (NAT) # echo "Rule 3 (NAT)" # # for #1686 - $IPTABLES -t nat -A POSTROUTING -p tcp -m tcp -s 192.0.2.1 --dport 10000:11000 -j NAT_1_POSTROUTING - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.0.2.1 --dport 10000:11000 -j NAT_1_PREROUTING + $IPTABLES -t nat -A POSTROUTING -p tcp -m tcp -s 192.0.2.1 --dport 10000:11000 -j NAT_1_POSTROUTING + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s 192.0.2.1 --dport 10000:11000 -j NAT_1_PREROUTING } ip_forward() { @@ -399,7 +399,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:02 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:15 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall81.fw.orig b/test/ipt/firewall81.fw.orig index e22a013cf..b389467cf 100755 --- a/test/ipt/firewall81.fw.orig +++ b/test/ipt/firewall81.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:05 2011 PST by vadim +# Generated Thu Feb 17 17:36:18 2011 PST by vadim # # files: * firewall81.fw /etc/fw/firewall81.fw # @@ -303,9 +303,9 @@ script_body() { # Translation is ignored and warning should be issued # firewall81:NAT_2:0: warning: NAT branching rule does not have information about targets used in the branch ruleset to choose proper chain in the nat table. Will split the rule and place it in both PREROUTNING and POSTROUTING $IPTABLES -t nat -N NAT_1 - $IPTABLES -t nat -A POSTROUTING -d 192.0.2.1 -j NAT_1 + $IPTABLES -t nat -A POSTROUTING -d 192.0.2.1 -j NAT_1 # firewall81:NAT_2:0: warning: NAT branching rule does not have information about targets used in the branch ruleset to choose proper chain in the nat table. Will split the rule and place it in both PREROUTNING and POSTROUTING - $IPTABLES -t nat -A PREROUTING -d 192.0.2.1 -j NAT_1 + $IPTABLES -t nat -A PREROUTING -d 192.0.2.1 -j NAT_1 # # Rule NAT_2 1 (NAT) # @@ -313,9 +313,9 @@ script_body() { # # DNAT Rule # firewall81:NAT_2:1: warning: NAT branching rule does not have information about targets used in the branch ruleset to choose proper chain in the nat table. Will split the rule and place it in both PREROUTNING and POSTROUTING - $IPTABLES -t nat -A POSTROUTING -j NAT_1 + $IPTABLES -t nat -A POSTROUTING -j NAT_1 # firewall81:NAT_2:1: warning: NAT branching rule does not have information about targets used in the branch ruleset to choose proper chain in the nat table. Will split the rule and place it in both PREROUTNING and POSTROUTING - $IPTABLES -t nat -A PREROUTING -j NAT_1 + $IPTABLES -t nat -A PREROUTING -j NAT_1 # ================ Table 'nat', rule set NAT_1 # @@ -325,7 +325,7 @@ script_body() { # # DNAT Rule $IPTABLES -t nat -N NAT_1_PREROUTING - $IPTABLES -t nat -A NAT_1_PREROUTING -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A NAT_1_PREROUTING -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 # # Rule NAT_1 1 (NAT) # @@ -342,7 +342,7 @@ script_body() { echo "Rule NAT_1 0 (NAT)" # # DNAT Rule - $IPTABLES -t nat -A NAT_1_PREROUTING -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A NAT_1_PREROUTING -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 # # Rule NAT_1 1 (NAT) # @@ -419,7 +419,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:05 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:18 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall82.fw.orig b/test/ipt/firewall82.fw.orig index f5a4d0a97..e0425fb60 100755 --- a/test/ipt/firewall82.fw.orig +++ b/test/ipt/firewall82.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:06 2011 PST by vadim +# Generated Thu Feb 17 17:36:19 2011 PST by vadim # # files: * firewall82.fw /etc/firewall82.fw # @@ -414,7 +414,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:06 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:19 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall82_A.fw.orig b/test/ipt/firewall82_A.fw.orig index 70d549a81..784352e72 100755 --- a/test/ipt/firewall82_A.fw.orig +++ b/test/ipt/firewall82_A.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:09 2011 PST by vadim +# Generated Thu Feb 17 17:36:23 2011 PST by vadim # # files: * firewall82_A.fw /etc/fw/firewall82_A.fw # @@ -406,7 +406,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:09 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:23 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall82_B.fw.orig b/test/ipt/firewall82_B.fw.orig index 4d97a5305..ba7f8675c 100755 --- a/test/ipt/firewall82_B.fw.orig +++ b/test/ipt/firewall82_B.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:09 2011 PST by vadim +# Generated Thu Feb 17 17:36:22 2011 PST by vadim # # files: * firewall82_B.fw /etc/fw/firewall82_B.fw # @@ -363,7 +363,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:09 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:22 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall9.fw.orig b/test/ipt/firewall9.fw.orig index 3670d837f..4d975eb02 100755 --- a/test/ipt/firewall9.fw.orig +++ b/test/ipt/firewall9.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:12 2011 PST by vadim +# Generated Thu Feb 17 17:36:26 2011 PST by vadim # # files: * firewall9.fw /etc/fw/firewall9.fw # @@ -633,7 +633,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:12 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:26 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall90.fw.orig b/test/ipt/firewall90.fw.orig index 220f70fb9..de072866e 100755 --- a/test/ipt/firewall90.fw.orig +++ b/test/ipt/firewall90.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:13 2011 PST by vadim +# Generated Thu Feb 17 17:36:26 2011 PST by vadim # # files: * firewall90.fw /etc/fw/firewall90.fw # @@ -383,7 +383,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:13 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:26 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall91.fw.orig b/test/ipt/firewall91.fw.orig index c3f2302d0..8a57fb8ad 100755 --- a/test/ipt/firewall91.fw.orig +++ b/test/ipt/firewall91.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:15 2011 PST by vadim +# Generated Thu Feb 17 17:36:29 2011 PST by vadim # # files: * firewall91.fw /etc/fw/firewall91.fw # @@ -383,7 +383,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:15 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:29 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall92.fw.orig b/test/ipt/firewall92.fw.orig index b5b8447ec..2c05b44d8 100755 --- a/test/ipt/firewall92.fw.orig +++ b/test/ipt/firewall92.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:16 2011 PST by vadim +# Generated Thu Feb 17 17:36:30 2011 PST by vadim # # files: * firewall92.fw /etc/fw/firewall92.fw # @@ -313,13 +313,13 @@ script_body() { # echo "Rule 0 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p udp -m udp -m owner --uid-owner anonymous -j REDIRECT --to-ports 53 + $IPTABLES -t nat -A OUTPUT -p udp -m udp -m owner --uid-owner anonymous -j REDIRECT --to-ports 53 # # Rule 1 (NAT) # echo "Rule 1 (NAT)" # - $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m owner --uid-owner anonymous -j REDIRECT --to-ports 9040 + $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m owner --uid-owner anonymous -j REDIRECT --to-ports 9040 @@ -419,7 +419,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:16 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:30 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall93.fw.orig b/test/ipt/firewall93.fw.orig index 2137dbba3..af0caba52 100755 --- a/test/ipt/firewall93.fw.orig +++ b/test/ipt/firewall93.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:27:19 2011 PST by vadim +# Generated Thu Feb 17 17:36:33 2011 PST by vadim # # files: * firewall93.fw /etc/fw/firewall93.fw # @@ -458,7 +458,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:27:19 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:36:33 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/fw-A.fw.orig b/test/ipt/fw-A.fw.orig index 50ada1852..7c7662513 100755 --- a/test/ipt/fw-A.fw.orig +++ b/test/ipt/fw-A.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:46 2011 PST by vadim +# Generated Thu Feb 17 17:38:05 2011 PST by vadim # # files: * fw-A.fw /sw/FWbuilder/fw-A.fw # @@ -722,7 +722,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:46 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:05 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/fw1.fw.orig b/test/ipt/fw1.fw.orig index 49b111342..24c9f9473 100755 --- a/test/ipt/fw1.fw.orig +++ b/test/ipt/fw1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:45 2011 PST by vadim +# Generated Thu Feb 17 17:38:02 2011 PST by vadim # # files: * fw1.fw /etc/fw1.fw # @@ -324,8 +324,8 @@ script_body() { # echo "Rule 0 (NAT)" # - $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT - $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -j ACCEPT # # Rule 1 (NAT) # @@ -339,15 +339,15 @@ script_body() { echo "Rule 2 (NAT)" # # dest port only - $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --dport 53 -j DNAT --to-destination :1053 + $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --dport 53 -j DNAT --to-destination :1053 # # Rule 3 (NAT) # echo "Rule 3 (NAT)" # # SDNAT - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.0.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.0.2.1 --dport 22 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 192.168.1.1 --dport 22 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -d 192.168.1.10 --dport 22 -j SNAT --to-source 192.168.1.1 # # Rule 4 (NAT) @@ -355,8 +355,8 @@ script_body() { echo "Rule 4 (NAT)" # # SDNAT with source port - $IPTABLES -t nat -A PREROUTING -p udp -m udp --sport 123 -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 - $IPTABLES -t nat -A PREROUTING -p udp -m udp --sport 123 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p udp -m udp --sport 123 -d 192.0.2.1 -j DNAT --to-destination 192.168.1.10 + $IPTABLES -t nat -A PREROUTING -p udp -m udp --sport 123 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A POSTROUTING -o eth1 -p udp -m udp --sport 123 -d 192.168.1.10 -j SNAT --to-source 192.168.1.1:5050 # # Rule 5 (NAT) @@ -364,7 +364,7 @@ script_body() { echo "Rule 5 (NAT)" # # SDNAT with dest port - $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --dport 53 -j DNAT --to-destination 192.168.1.10:1053 + $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --dport 53 -j DNAT --to-destination 192.168.1.10:1053 $IPTABLES -t nat -A POSTROUTING -o eth1 -p udp -m udp -s 192.168.1.0/24 -d 192.168.1.10 --dport 1053 -j SNAT --to-source 192.168.1.1 # # Rule 6 (NAT) @@ -374,7 +374,7 @@ script_body() { # SDNAT # translate src and dst addresses # and src and dst ports - $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --sport 1024:65535 --dport 53 -j DNAT --to-destination 192.168.1.10:1053 + $IPTABLES -t nat -A PREROUTING -p udp -m udp -s 192.168.1.0/24 --sport 1024:65535 --dport 53 -j DNAT --to-destination 192.168.1.10:1053 $IPTABLES -t nat -A POSTROUTING -o eth1 -p udp -m udp -s 192.168.1.0/24 -d 192.168.1.10 --dport 1053 -j SNAT --to-source 192.168.1.1:32767-65535 # # Rule 7 (NAT) @@ -519,7 +519,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:45 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:02 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/fwbuilder.fw.orig b/test/ipt/fwbuilder.fw.orig index 796d8ae14..fdafa5cac 100755 --- a/test/ipt/fwbuilder.fw.orig +++ b/test/ipt/fwbuilder.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:26:25 2011 PST by vadim +# Generated Thu Feb 17 17:35:35 2011 PST by vadim # # files: * fwbuilder.fw /etc/init.d/fwbuilder.fw # @@ -325,16 +325,16 @@ script_body() { $IPTABLES -t nat -N Cid2101361X9995.0 $IPTABLES -t nat -A POSTROUTING -o eth+ -j Cid2101361X9995.0 grep -Ev '^#|^;|^\s*$' addr-table-1.tbl | while read L ; do - set $L; at_atbl_1=$1; $IPTABLES -t nat -A Cid2101361X9995.0 -s $at_atbl_1 -j RETURN + set $L; at_atbl_1=$1; $IPTABLES -t nat -A Cid2101361X9995.0 -s $at_atbl_1 -j RETURN done - $IPTABLES -t nat -A Cid2101361X9995.0 -o eth+ -j SNAT --to-source 1.1.1.1 + $IPTABLES -t nat -A Cid2101361X9995.0 -j SNAT --to-source 1.1.1.1 # # Rule 2 (NAT) # echo "Rule 2 (NAT)" # grep -Ev '^#|^;|^\s*$' addr-table-1.tbl | while read L ; do - set $L; at_atbl_1=$1; $IPTABLES -t nat -A PREROUTING -d $at_atbl_1 -j DNAT --to-destination 192.168.1.10 + set $L; at_atbl_1=$1; $IPTABLES -t nat -A PREROUTING -d $at_atbl_1 -j DNAT --to-destination 192.168.1.10 done @@ -483,7 +483,7 @@ status_action() { } start() { - log "Activating firewall script generated Tue Feb 15 14:26:25 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:35:35 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/heartbeat_cluster_1_d_linux-1-d.fw.orig b/test/ipt/heartbeat_cluster_1_d_linux-1-d.fw.orig index e9ca04aca..f22d95a34 100755 --- a/test/ipt/heartbeat_cluster_1_d_linux-1-d.fw.orig +++ b/test/ipt/heartbeat_cluster_1_d_linux-1-d.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:58 2011 PST by vadim +# Generated Thu Feb 17 17:38:18 2011 PST by vadim # # files: * heartbeat_cluster_1_d_linux-1-d.fw firewall.sh # @@ -343,7 +343,7 @@ script_body() { # for i_eth0 in $i_eth0_list do - test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.100 + test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.100 done # # Rule 4 (NAT) @@ -352,7 +352,7 @@ script_body() { # for i_eth0 in $i_eth0_list do - test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.100 + test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.100 done @@ -720,7 +720,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:58 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:18 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/heartbeat_cluster_1_d_linux-2-d.fw.orig b/test/ipt/heartbeat_cluster_1_d_linux-2-d.fw.orig index 141d35f11..33ef726ac 100755 --- a/test/ipt/heartbeat_cluster_1_d_linux-2-d.fw.orig +++ b/test/ipt/heartbeat_cluster_1_d_linux-2-d.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:59 2011 PST by vadim +# Generated Thu Feb 17 17:38:19 2011 PST by vadim # # files: * heartbeat_cluster_1_d_linux-2-d.fw firewall.sh # @@ -348,7 +348,7 @@ script_body() { # for i_eth0 in $i_eth0_list do - test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.100 + test -n "$i_eth0" && $IPTABLES -t nat -A PREROUTING -d $i_eth0 -j DNAT --to-destination 192.168.1.100 done # # Rule 4 (NAT) @@ -356,7 +356,7 @@ script_body() { echo "Rule 4 (NAT)" # # heartbeat_cluster_1_d:NAT:4: error: Can not build rule using dynamic interface 'eth0' of the object 'linux-1-d' because its address in unknown. - $IPTABLES -t nat -A PREROUTING -d -j DNAT --to-destination 192.168.1.100 + $IPTABLES -t nat -A PREROUTING -d -j DNAT --to-destination 192.168.1.100 @@ -723,7 +723,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:59 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:19 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/heartbeat_cluster_1_linux-1.fw.orig b/test/ipt/heartbeat_cluster_1_linux-1.fw.orig index 6fea79e9f..42407173f 100755 --- a/test/ipt/heartbeat_cluster_1_linux-1.fw.orig +++ b/test/ipt/heartbeat_cluster_1_linux-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:57 2011 PST by vadim +# Generated Thu Feb 17 17:38:17 2011 PST by vadim # # files: * heartbeat_cluster_1_linux-1.fw /etc/heartbeat_cluster_1_linux-1.fw # @@ -417,13 +417,13 @@ script_body() { # echo "Rule 2 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 172.24.0.1 --dport 22 -j DNAT --to-destination 192.168.1.100 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 172.24.0.1 --dport 22 -j DNAT --to-destination 192.168.1.100 # # Rule 3 (NAT) # echo "Rule 3 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 172.24.0.1 --dport 22 -j DNAT --to-destination 192.168.1.100 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 172.24.0.1 --dport 22 -j DNAT --to-destination 192.168.1.100 @@ -843,7 +843,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:57 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:17 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/heartbeat_cluster_1_linux-2.fw.orig b/test/ipt/heartbeat_cluster_1_linux-2.fw.orig index bf6d59b9a..5804c5e1f 100755 --- a/test/ipt/heartbeat_cluster_1_linux-2.fw.orig +++ b/test/ipt/heartbeat_cluster_1_linux-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:58 2011 PST by vadim +# Generated Thu Feb 17 17:38:18 2011 PST by vadim # # files: * heartbeat_cluster_1_linux-2.fw /etc/heartbeat_cluster_1_linux-2.fw # @@ -322,13 +322,13 @@ script_body() { # echo "Rule 2 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 172.24.0.1 --dport 22 -j DNAT --to-destination 192.168.1.100 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 172.24.0.1 --dport 22 -j DNAT --to-destination 192.168.1.100 # # Rule 3 (NAT) # echo "Rule 3 (NAT)" # - $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 172.24.0.1 --dport 22 -j DNAT --to-destination 192.168.1.100 + $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 172.24.0.1 --dport 22 -j DNAT --to-destination 192.168.1.100 @@ -741,7 +741,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:58 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:18 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/heartbeat_cluster_2_linux-1.fw.orig b/test/ipt/heartbeat_cluster_2_linux-1.fw.orig index 4b7a75c4a..6b4845663 100755 --- a/test/ipt/heartbeat_cluster_2_linux-1.fw.orig +++ b/test/ipt/heartbeat_cluster_2_linux-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:59 2011 PST by vadim +# Generated Thu Feb 17 17:38:19 2011 PST by vadim # # files: * heartbeat_cluster_2_linux-1.fw /etc/heartbeat_cluster_2_linux-1.fw # @@ -707,7 +707,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:59 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:19 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/heartbeat_cluster_2_linux-2.fw.orig b/test/ipt/heartbeat_cluster_2_linux-2.fw.orig index c551c5345..5513fba87 100755 --- a/test/ipt/heartbeat_cluster_2_linux-2.fw.orig +++ b/test/ipt/heartbeat_cluster_2_linux-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:59 2011 PST by vadim +# Generated Thu Feb 17 17:38:20 2011 PST by vadim # # files: * heartbeat_cluster_2_linux-2.fw /etc/heartbeat_cluster_2_linux-2.fw # @@ -620,7 +620,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:59 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:20 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/host.fw.orig b/test/ipt/host.fw.orig index fe42aa514..78e28b0f6 100755 --- a/test/ipt/host.fw.orig +++ b/test/ipt/host.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:48 2011 PST by vadim +# Generated Thu Feb 17 17:38:06 2011 PST by vadim # # files: * host.fw /etc/fw/host.fw # @@ -422,7 +422,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:48 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:06 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/objects-for-regression-tests.fwb b/test/ipt/objects-for-regression-tests.fwb index 2aa504917..0c1dd634f 100644 --- a/test/ipt/objects-for-regression-tests.fwb +++ b/test/ipt/objects-for-regression-tests.fwb @@ -1,6 +1,6 @@ - + @@ -51,9 +51,9 @@ - + + @@ -69,9 +69,9 @@ - + + @@ -100,17 +100,17 @@ - + established - + established -m state --state ESTABLISHED,RELATED established - + established - + established -m state --state ESTABLISHED,RELATED established @@ -318,6 +318,12 @@ + + + + + + @@ -360,54 +366,54 @@ - - - - + + + + -m record_rpc - - - + + + - - - - + + + + -m irc - - - + + + - - - - + + + + -m psd --psd-weight-threshold 5 --psd-delay-threshold 10000 - - - + + + - - - - + + + + -m string --string test_pattern - - - + + + - - - - + + + + -m talk - - - + + + @@ -429,101 +435,113 @@ - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + @@ -664,7 +682,7 @@ - @@ -868,11 +886,11 @@ - + + - @@ -901,74 +919,74 @@ - + + - + - + - - - + + + + + + + + + + + + + + + - + + + - + - - - - + + + + @@ -1603,8 +1621,8 @@ - + @@ -1612,28 +1630,28 @@ - + + + + + + + + + + + + + + + - + + + @@ -1645,10 +1663,10 @@ - + + + @@ -1660,149 +1678,167 @@ - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + @@ -2112,51 +2148,51 @@ - + + - + - + - + + + - + + + + + + + + + + + + + + + - + + + @@ -2166,24 +2202,24 @@ - - - - - + + + + @@ -2224,1244 +2260,1391 @@ - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - - + + + + + + + + - + - + - + - + - + - + - - - - + + + + + + + - + - + - + - + - + - + - + - - - - + + + + + + + - + - + - + - + - + - + - + - - - - + + + + + + + - + - + - + - + - + - + - + - - - - + + + + + + + - + - + - + - + - + - + - + - - - - + + + + + + + - + - + - + - + - + - + - + - - - - + + + + + + + - + - + - + - + - + - + - + - - - - + + + + + + + - + - + - + - + - + - + - + - - - - + + + + + + + - + - + - + - + - + - + - + - - - - - + + + + + + + + @@ -3494,53 +3677,53 @@ - + + - - + - - + + - - - + + + + - + - + + + @@ -3554,22 +3737,22 @@ - - - - + + + + + @@ -3599,27 +3782,27 @@ - + + + + - + - - + - @@ -3644,27 +3827,27 @@ - + + + + - + - - + - @@ -3753,6 +3936,7 @@ + @@ -3854,6 +4038,14 @@ + + + + + + + + @@ -3867,9 +4059,9 @@ - + + @@ -3885,9 +4077,9 @@ - + + @@ -3903,9 +4095,9 @@ - + + @@ -3921,9 +4113,9 @@ - + + @@ -3939,9 +4131,9 @@ - + + @@ -3957,9 +4149,9 @@ - + + @@ -3975,9 +4167,9 @@ - + + @@ -4008,9 +4200,9 @@ - + + @@ -4025,9 +4217,9 @@ - + + @@ -4042,9 +4234,9 @@ - + + @@ -4059,9 +4251,9 @@ - + + @@ -4077,9 +4269,9 @@ - + + @@ -4160,9 +4352,9 @@ - + + @@ -4181,9 +4373,9 @@ - + + @@ -4206,9 +4398,9 @@ - + + @@ -4223,9 +4415,9 @@ - + + @@ -4240,9 +4432,9 @@ - + + @@ -4258,9 +4450,9 @@ - + + @@ -4276,9 +4468,9 @@ - + + @@ -4294,9 +4486,9 @@ - + + @@ -4312,9 +4504,9 @@ - + + @@ -4330,9 +4522,9 @@ - + + @@ -4406,9 +4598,9 @@ - + + @@ -4471,9 +4663,9 @@ - + + @@ -4489,9 +4681,9 @@ - + + @@ -4506,9 +4698,9 @@ - + + @@ -4550,9 +4742,9 @@ - + + @@ -4840,109 +5032,109 @@ - - - - - - + + + + + + -m ip_conntrack_talk -m ip_nat_talk - - - + + + - - - - + + + + -p tcp -m state --state ESTABLISHED --tcp-flags SYN,ACK,RST,URG ACK - - - + + + - - - - + + + + -p tcp -m state --state ESTABLISHED --tcp-flags SYN,FIN,RST,URG,PSH RST - - - + + + - - + + -m string --string test_pattern - + -m string --string test_pattern - - - + + + - - - - + + + + -p tcp ! --syn -dport 5190 -m state --state NEW - - - + + + - - - - + + + + -m rt --rt-type 0 - - - + + + - - - - + + + + -m tcp --tcp-flags SYN,ACK SYN,ACK -m state --state NEW - - - + + + - - - - + + + + -m owner --uid-owner anonymous - - - - + + + + - - - - + + + + -m owner --uid-owner anonymous - - - - + + + + - - - - + + + + -m owner --uid-owner anonymous - - - - + + + + @@ -4968,9 +5160,12 @@ - - - + + + + + + @@ -4992,9 +5187,12 @@ - - - + + + + + + @@ -5016,9 +5214,12 @@ - - - + + + + + + @@ -5040,9 +5241,12 @@ - - - + + + + + + @@ -5064,9 +5268,12 @@ - - - + + + + + + @@ -5089,9 +5296,12 @@ - - - + + + + + + @@ -5113,9 +5323,12 @@ - - - + + + + + + @@ -5137,9 +5350,12 @@ - - - + + + + + + @@ -5161,9 +5377,12 @@ - - - + + + + + + @@ -5185,9 +5404,12 @@ - - - + + + + + + @@ -5209,9 +5431,12 @@ - - - + + + + + + @@ -5233,9 +5458,12 @@ - - - + + + + + + @@ -5257,9 +5485,12 @@ - - - + + + + + + @@ -5281,9 +5512,12 @@ - - - + + + + + + @@ -5305,9 +5539,12 @@ - - - + + + + + + @@ -5329,9 +5566,12 @@ - - - + + + + + + @@ -5353,9 +5593,12 @@ - - - + + + + + + @@ -5377,9 +5620,12 @@ - - - + + + + + + @@ -5401,9 +5647,12 @@ - - - + + + + + + @@ -5425,9 +5674,12 @@ - - - + + + + + + @@ -5449,9 +5701,12 @@ - - - + + + + + + @@ -5473,9 +5728,12 @@ - - - + + + + + + @@ -5497,9 +5755,12 @@ - - - + + + + + + @@ -5798,10 +6059,10 @@ - - + @@ -5834,10 +6095,10 @@ - - + @@ -5865,10 +6126,10 @@ - - + @@ -5900,15 +6161,15 @@ - - - - + @@ -5940,15 +6201,15 @@ - - - - + @@ -5980,15 +6241,15 @@ - - - - + @@ -6020,15 +6281,15 @@ - - - - + @@ -6060,15 +6321,15 @@ - - - - + @@ -6100,15 +6361,15 @@ - - - - + @@ -6133,10 +6394,10 @@ - - + @@ -6283,10 +6544,10 @@ - + - @@ -6324,10 +6585,10 @@ - + - @@ -6474,10 +6735,10 @@ - + - @@ -6537,10 +6798,10 @@ - + - @@ -6620,10 +6881,10 @@ - + - @@ -6644,10 +6905,10 @@ - + - @@ -6668,10 +6929,10 @@ - + - @@ -6764,10 +7025,10 @@ - + - @@ -6842,11 +7103,11 @@ - + - + @@ -6872,18 +7133,18 @@ - - + - @@ -6891,39 +7152,39 @@ - + - + + - + + + + + - - - + + - + + + @@ -6941,17 +7202,17 @@ - - + + + + + + + @@ -6982,9 +7243,12 @@ - - - + + + + + + @@ -7006,9 +7270,12 @@ - - - + + + + + + @@ -7030,9 +7297,12 @@ - - - + + + + + + @@ -7054,9 +7324,12 @@ - - - + + + + + + @@ -7078,9 +7351,12 @@ - - - + + + + + + @@ -7103,9 +7379,12 @@ - - - + + + + + + @@ -7127,9 +7406,12 @@ - - - + + + + + + @@ -7151,9 +7433,12 @@ - - - + + + + + + @@ -7175,9 +7460,12 @@ - - - + + + + + + @@ -7200,9 +7488,12 @@ - - - + + + + + + @@ -7224,9 +7515,12 @@ - - - + + + + + + @@ -7248,9 +7542,12 @@ - - - + + + + + + @@ -7272,9 +7569,12 @@ - - - + + + + + + @@ -7296,9 +7596,12 @@ - - - + + + + + + @@ -7320,9 +7623,12 @@ - - - + + + + + + @@ -7344,9 +7650,12 @@ - - - + + + + + + @@ -7372,9 +7681,12 @@ - - - + + + + + + @@ -7397,9 +7709,12 @@ - - - + + + + + + @@ -7422,9 +7737,12 @@ - - - + + + + + + @@ -7459,15 +7777,15 @@ - - - + @@ -7501,15 +7819,15 @@ - - - + @@ -7811,10 +8129,10 @@ - - @@ -7837,13 +8155,13 @@ - - + @@ -7867,13 +8185,13 @@ - - + @@ -8392,18 +8710,18 @@ - - + - @@ -8411,40 +8729,40 @@ - + - + + + - + + + + + + + + + + + + + + + - + + + @@ -8454,26 +8772,26 @@ - - - - - + + + + + + @@ -8505,11 +8823,14 @@ - - - + + + + + + - @@ -8532,11 +8853,14 @@ - - - + + + + + + - @@ -8561,11 +8885,14 @@ - - - + + + + + + - @@ -8587,11 +8914,14 @@ - - - + + + + + + - @@ -8613,11 +8943,14 @@ - - - + + + + + + - @@ -8639,11 +8972,14 @@ - - - + + + + + + - @@ -8665,11 +9001,14 @@ - - - + + + + + + - @@ -8691,11 +9030,14 @@ - - - + + + + + + - @@ -8721,9 +9063,12 @@ - - - + + + + + + @@ -8745,9 +9090,12 @@ - - - + + + + + + @@ -8769,9 +9117,12 @@ - - - + + + + + + @@ -8797,9 +9148,12 @@ - - - + + + + + + @@ -8823,9 +9177,12 @@ - - - + + + + + + @@ -8851,9 +9208,12 @@ - - - + + + + + + @@ -8877,9 +9237,12 @@ - - - + + + + + + @@ -8902,9 +9265,12 @@ - - - + + + + + + @@ -8928,9 +9294,12 @@ - - - + + + + + + @@ -8953,9 +9322,12 @@ - - - + + + + + + @@ -8978,9 +9350,12 @@ - - - + + + + + + @@ -9002,9 +9377,12 @@ - - - + + + + + + @@ -9026,11 +9404,14 @@ - - - + + + + + + - @@ -9052,9 +9433,12 @@ - - - + + + + + + @@ -9076,9 +9460,12 @@ - - - + + + + + + @@ -9100,9 +9487,12 @@ - - - + + + + + + @@ -9124,9 +9514,12 @@ - - - + + + + + + @@ -9148,9 +9541,12 @@ - - - + + + + + + @@ -9173,9 +9569,12 @@ - - - + + + + + + @@ -9197,9 +9596,12 @@ - - - + + + + + + @@ -9222,9 +9624,12 @@ - - - + + + + + + @@ -9246,9 +9651,12 @@ - - - + + + + + + @@ -9274,9 +9682,12 @@ - - - + + + + + + @@ -9298,9 +9709,12 @@ - - - + + + + + + @@ -9323,9 +9737,12 @@ - - - + + + + + + @@ -9347,9 +9764,12 @@ - - - + + + + + + @@ -9371,9 +9791,12 @@ - - - + + + + + + @@ -9395,9 +9818,12 @@ - - - + + + + + + @@ -9419,9 +9845,12 @@ - - - + + + + + + @@ -9443,9 +9872,12 @@ - - - + + + + + + @@ -9467,9 +9899,12 @@ - - - + + + + + + @@ -9491,9 +9926,12 @@ - - - + + + + + + @@ -9515,9 +9953,12 @@ - - - + + + + + + @@ -9541,9 +9982,12 @@ - - - + + + + + + @@ -9567,9 +10011,12 @@ - - - + + + + + + @@ -9593,9 +10040,12 @@ - - - + + + + + + @@ -9619,9 +10069,12 @@ - - - + + + + + + @@ -9645,9 +10098,12 @@ - - - + + + + + + @@ -9671,9 +10127,12 @@ - - - + + + + + + @@ -9697,9 +10156,12 @@ - - - + + + + + + @@ -9723,9 +10185,12 @@ - - - + + + + + + @@ -9747,9 +10212,12 @@ - - - + + + + + + @@ -9771,9 +10239,12 @@ - - - + + + + + + @@ -9795,9 +10266,12 @@ - - - + + + + + + @@ -9819,9 +10293,12 @@ - - - + + + + + + @@ -9845,8 +10322,8 @@ - + @@ -9870,8 +10347,8 @@ - + @@ -9894,20 +10371,20 @@ - - - - + @@ -9930,20 +10407,20 @@ - - - - + @@ -10042,7 +10519,7 @@ - @@ -10064,7 +10541,7 @@ - @@ -10089,9 +10566,9 @@ - - @@ -10440,11 +10917,11 @@ - - @@ -10483,7 +10960,7 @@ - @@ -10523,53 +11000,53 @@ - + + - - + - - + + - - - + + + + - + - + + + @@ -10583,22 +11060,22 @@ - - - - + + + + + @@ -10631,11 +11108,14 @@ - - - + + + + + + - @@ -10657,11 +11137,14 @@ - - - + + + + + + - @@ -10722,20 +11205,20 @@ - - - - + @@ -10758,20 +11241,20 @@ - - - - + @@ -10946,7 +11429,7 @@ - @@ -10985,7 +11468,7 @@ - @@ -11063,7 +11546,7 @@ - @@ -11084,7 +11567,7 @@ - @@ -11104,7 +11587,7 @@ - @@ -11196,51 +11679,51 @@ - + + - + - + - - + + + - + + + + + + + + + + + + + + + - + + + @@ -11250,24 +11733,24 @@ - - - - - + + + + @@ -11298,11 +11781,14 @@ - - - + + + + + + - @@ -11324,9 +11810,12 @@ - - - + + + + + + @@ -11348,9 +11837,12 @@ - - - + + + + + + @@ -11372,11 +11864,14 @@ - - - + + + + + + - @@ -11399,9 +11894,12 @@ - - - + + + + + + @@ -11423,9 +11921,12 @@ - - - + + + + + + @@ -11447,9 +11948,12 @@ - - - + + + + + + @@ -11582,15 +12086,15 @@ - - - - + @@ -11622,15 +12126,15 @@ - - - - + @@ -11662,15 +12166,15 @@ - - - - + @@ -11702,15 +12206,15 @@ - - - - + @@ -11742,15 +12246,15 @@ - - - - + @@ -11782,15 +12286,15 @@ - - - - + @@ -11813,7 +12317,7 @@ - @@ -11835,7 +12339,7 @@ - @@ -11858,7 +12362,7 @@ - @@ -11935,7 +12439,7 @@ - @@ -11973,7 +12477,7 @@ - @@ -12011,52 +12515,52 @@ - + + - + - + - - + + - + + + + + + + + + + + + + + + - + + + @@ -12066,25 +12570,25 @@ - - - - - + + + + @@ -12115,9 +12619,12 @@ - - - + + + + + + @@ -12139,9 +12646,12 @@ - - - + + + + + + @@ -12163,9 +12673,12 @@ - - - + + + + + + @@ -12187,9 +12700,12 @@ - - - + + + + + + @@ -12316,7 +12832,7 @@ - @@ -12502,11 +13018,11 @@ - + + - @@ -12548,59 +13064,59 @@ - + - - - + + + + + + + + + + + + + + + - + + + - + - - + + + @@ -12784,11 +13300,11 @@ - - @@ -12819,60 +13335,60 @@ - + - + + - + + + + + - + + + + + + + + - + + + - - - + + + @@ -12903,9 +13419,12 @@ - - - + + + + + + @@ -12927,9 +13446,12 @@ - - - + + + + + + @@ -12951,9 +13473,12 @@ - - - + + + + + + @@ -12976,9 +13501,12 @@ - - - + + + + + + @@ -13001,9 +13529,12 @@ - - - + + + + + + @@ -13026,9 +13557,12 @@ - - - + + + + + + @@ -13050,9 +13584,12 @@ - - - + + + + + + @@ -13074,9 +13611,12 @@ - - - + + + + + + @@ -13098,9 +13638,12 @@ - - - + + + + + + @@ -13122,9 +13665,12 @@ - - - + + + + + + @@ -13263,41 +13809,41 @@ - + - + + - + + + + + + + + + + + + + + + - + + + @@ -13314,10 +13860,10 @@ - + + + @@ -13348,9 +13894,12 @@ - - - + + + + + + @@ -13685,41 +14234,41 @@ - + - + + - + + + + + + + + + + + + + + + - + + + @@ -13728,7 +14277,7 @@ - @@ -13736,10 +14285,10 @@ - + + + @@ -13786,8 +14335,8 @@ - + @@ -13795,28 +14344,28 @@ - + + + + + + + + + + + + + + + - + + + @@ -13828,10 +14377,10 @@ - + + + @@ -13864,9 +14413,9 @@ - - @@ -13889,9 +14438,9 @@ - - @@ -13914,9 +14463,9 @@ - - @@ -13939,9 +14488,9 @@ - - @@ -13964,9 +14513,9 @@ - - @@ -13989,9 +14538,9 @@ - - @@ -14014,9 +14563,9 @@ - - @@ -14039,9 +14588,9 @@ - - @@ -14065,10 +14614,10 @@ - - + @@ -14094,10 +14643,10 @@ - - + @@ -14124,10 +14673,10 @@ - - + @@ -14154,10 +14703,10 @@ - - + @@ -14180,32 +14729,32 @@ - + - + - + - - - + - + - @@ -14229,32 +14778,32 @@ - + - + - + - - - + - + - @@ -14279,32 +14828,32 @@ - + - + - + - - - + - + - @@ -14338,41 +14887,41 @@ - + - + + - + + + + + + + + + + + + + + + - + + + @@ -14390,9 +14939,9 @@ - + + @@ -14426,10 +14975,10 @@ - - + @@ -14451,11 +15000,11 @@ - - - @@ -14476,11 +15025,11 @@ - - - @@ -14501,11 +15050,11 @@ - - - @@ -14526,11 +15075,11 @@ - - - @@ -14551,11 +15100,11 @@ - - - @@ -14576,11 +15125,11 @@ - - - @@ -14601,11 +15150,11 @@ - - - @@ -14635,53 +15184,53 @@ - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -14691,25 +15240,25 @@ - - - - - + + + @@ -14741,9 +15290,12 @@ - - - + + + + + + @@ -14765,9 +15317,12 @@ - - - + + + + + + @@ -14789,9 +15344,12 @@ - - - + + + + + + @@ -14817,9 +15375,12 @@ - - - + + + + + + @@ -15031,14 +15592,14 @@ - + - - + @@ -15300,13 +15861,13 @@ - - - + @@ -15345,18 +15906,18 @@ - - + - + @@ -15364,39 +15925,39 @@ - + - + + - + + + + + + + + + + + + + + + - + + + @@ -15406,26 +15967,26 @@ - - - - - + + + + + + @@ -15457,9 +16018,12 @@ - - - + + + + + + @@ -15481,9 +16045,12 @@ - - - + + + + + + @@ -15505,9 +16072,12 @@ - - - + + + + + + @@ -15529,9 +16099,12 @@ - - - + + + + + + @@ -15553,9 +16126,12 @@ - - - + + + + + + @@ -15577,9 +16153,12 @@ - - - + + + + + + @@ -15601,9 +16180,12 @@ - - - + + + + + + @@ -15625,9 +16207,12 @@ - - - + + + + + + @@ -15649,9 +16234,12 @@ - - - + + + + + + @@ -15673,9 +16261,12 @@ - - - + + + + + + @@ -15697,9 +16288,12 @@ - - - + + + + + + @@ -15721,9 +16315,12 @@ - - - + + + + + + @@ -15745,9 +16342,12 @@ - - - + + + + + + @@ -15769,9 +16369,12 @@ - - - + + + + + + @@ -15793,9 +16396,12 @@ - - - + + + + + + @@ -15817,9 +16423,12 @@ - - - + + + + + + @@ -15841,9 +16450,12 @@ - - - + + + + + + @@ -15912,36 +16524,36 @@ - + - - + + + + + + + + + + + + + + + - + + + @@ -15953,9 +16565,9 @@ - + + @@ -15985,9 +16597,12 @@ - - - + + + + + + @@ -16009,9 +16624,12 @@ - - - + + + + + + @@ -16098,36 +16716,36 @@ - + - - + + + + + + + + + + + + + + + - + + + @@ -16139,9 +16757,9 @@ - + + @@ -16171,9 +16789,12 @@ - - - + + + + + + @@ -16195,9 +16816,12 @@ - - - + + + + + + @@ -16219,9 +16843,12 @@ - - - + + + + + + @@ -16243,9 +16870,12 @@ - - - + + + + + + @@ -16267,9 +16897,12 @@ - - - + + + + + + @@ -16291,9 +16924,12 @@ - - - + + + + + + @@ -16315,9 +16951,12 @@ - - - + + + + + + @@ -16353,36 +16992,36 @@ - + - - + + + + + + + + + + + + + + + - + + + @@ -16394,9 +17033,9 @@ - + + @@ -16477,36 +17116,36 @@ - + - - + + + + + + + + + + + + + + + - + + + @@ -16518,9 +17157,9 @@ - + + @@ -16550,9 +17189,12 @@ - - - + + + + + + @@ -16574,9 +17216,12 @@ - - - + + + + + + @@ -16598,9 +17243,12 @@ - - - + + + + + + @@ -16623,9 +17271,12 @@ - - - + + + + + + @@ -16647,9 +17298,12 @@ - - - + + + + + + @@ -16671,9 +17325,12 @@ - - - + + + + + + @@ -16695,9 +17352,12 @@ - - - + + + + + + @@ -16720,9 +17380,12 @@ - - - + + + + + + @@ -16744,9 +17407,12 @@ - - - + + + + + + @@ -16768,9 +17434,12 @@ - - - + + + + + + @@ -16792,9 +17461,12 @@ - - - + + + + + + @@ -16817,9 +17489,12 @@ - - - + + + + + + @@ -16841,9 +17516,12 @@ - - - + + + + + + @@ -16865,9 +17543,12 @@ - - - + + + + + + @@ -16937,45 +17618,45 @@ - + + - + - + - - + + + + + + + + + + + + + + + - + + + @@ -16987,15 +17668,15 @@ - - - + + + @@ -17026,9 +17707,12 @@ - - - + + + + + + @@ -17050,9 +17734,12 @@ - - - + + + + + + @@ -17095,13 +17782,13 @@ - - - + @@ -17124,13 +17811,13 @@ - - - + @@ -17153,14 +17840,14 @@ - - - + + @@ -17263,41 +17950,41 @@ - + - + + - + + + + + + + + + + + + + + + - + + + @@ -17314,10 +18001,10 @@ - + + + @@ -17348,9 +18035,12 @@ - - - + + + + + + @@ -17372,9 +18062,12 @@ - - - + + + + + + @@ -17396,9 +18089,12 @@ - - - + + + + + + @@ -17420,9 +18116,12 @@ - - - + + + + + + @@ -17444,9 +18143,12 @@ - - - + + + + + + @@ -17468,9 +18170,12 @@ - - - + + + + + + @@ -17492,9 +18197,12 @@ - - - + + + + + + @@ -17629,43 +18337,43 @@ - + + - + - - - + + + + + - + + + + + + + + - + + + @@ -17677,9 +18385,9 @@ - + + @@ -17786,12 +18494,12 @@ - - + @@ -17832,12 +18540,12 @@ - - - + @@ -17918,10 +18626,10 @@ - - + @@ -18021,36 +18729,36 @@ - + - - + + + + + - + + + + + + + + - + + + @@ -18062,9 +18770,9 @@ - + + @@ -18094,9 +18802,12 @@ - - - + + + + + + @@ -18118,9 +18829,12 @@ - - - + + + + + + @@ -18142,9 +18856,12 @@ - - - + + + + + + @@ -18166,9 +18883,12 @@ - - - + + + + + + @@ -18194,9 +18914,12 @@ - - - + + + + + + @@ -18221,9 +18944,12 @@ - - - + + + + + + @@ -18245,9 +18971,12 @@ - - - + + + + + + @@ -18270,9 +18999,12 @@ - - - + + + + + + @@ -18433,7 +19165,7 @@ - @@ -18657,11 +19389,11 @@ - + + - @@ -18694,59 +19426,59 @@ - + - - - + + + + + + + + + + + + + + + - + + + - + - - + + + @@ -18777,9 +19509,12 @@ - - - + + + + + + @@ -18802,9 +19537,12 @@ - - - + + + + + + @@ -18829,9 +19567,12 @@ - - - + + + + + + @@ -18853,9 +19594,12 @@ - - - + + + + + + @@ -18881,9 +19625,12 @@ - - - + + + + + + @@ -18907,9 +19654,12 @@ - - - + + + + + + @@ -19027,41 +19777,41 @@ - + - + + - + + + + + + + + + + + + + + + - + + + @@ -19078,10 +19828,10 @@ - + + + @@ -19112,9 +19862,12 @@ - - - + + + + + + @@ -19136,9 +19889,12 @@ - - - + + + + + + @@ -19160,9 +19916,12 @@ - - - + + + + + + @@ -19205,13 +19964,13 @@ - + - - @@ -19241,59 +20000,59 @@ - + - - - + + + + + + + + + + + + + + + - + + + - + - - + + + @@ -19642,53 +20401,53 @@ - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -19698,25 +20457,25 @@ - - - - - + + + + @@ -20142,41 +20901,41 @@ - + - + + - + + + + + + + + + + + + + + + - + + + @@ -20185,7 +20944,7 @@ - @@ -20193,10 +20952,10 @@ - + + + @@ -20446,9 +21205,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -20470,9 +21232,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -20494,9 +21259,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -20518,9 +21286,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -20663,7 +21434,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -20867,27 +21638,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -20909,29 +21680,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -20952,29 +21723,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -20995,29 +21766,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -21038,29 +21809,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -21081,11 +21852,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - @@ -21246,62 +22017,62 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - - + + + + + + + + + + + + + + + - + + + - + - @@ -21310,15 +22081,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + + + @@ -21349,9 +22120,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -21373,9 +22147,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -21397,9 +22174,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -21421,9 +22201,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -21566,7 +22349,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -21770,11 +22553,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - @@ -21803,61 +22586,61 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - - + + + + + + + + + + + + + + + - + + + - + - @@ -21866,15 +22649,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + + + @@ -21905,9 +22688,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -21929,9 +22715,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -21953,9 +22742,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -21977,9 +22769,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -22122,7 +22917,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -22326,11 +23121,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - @@ -22360,61 +23155,61 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - - + + + + + + + + + + + + + + + - + + + - + - @@ -22423,15 +23218,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + + + @@ -22462,9 +23257,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -22568,45 +23366,45 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - + + + + + + + + + + + + + + + - + + + @@ -22618,15 +23416,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + @@ -22658,9 +23456,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -22743,7 +23544,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -22753,15 +23554,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -22786,7 +23587,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -22796,15 +23597,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -22860,41 +23661,41 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + + + + + + + + + + + + + + + - + + + @@ -22911,10 +23712,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + @@ -23014,41 +23815,41 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + + + + + + + + + + + + + + + - + + + @@ -23065,10 +23866,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + @@ -23239,46 +24040,46 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + + + + + + + + + + + + + + - + + + @@ -23290,17 +24091,17 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + @@ -23331,9 +24132,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -23441,50 +24245,50 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -23498,20 +24302,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + @@ -23543,9 +24347,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -23567,9 +24374,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -23591,9 +24401,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -23616,9 +24429,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -23641,9 +24457,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -23940,50 +24759,50 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -23997,20 +24816,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + @@ -24042,9 +24861,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -24066,9 +24888,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -24093,17 +24918,17 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -24384,17 +25209,17 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -24445,13 +25270,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + @@ -24501,50 +25326,50 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -24558,20 +25383,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + @@ -24603,9 +25428,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -24627,9 +25455,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -24752,14 +25583,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + @@ -24769,35 +25600,35 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + - + - - - + - + - @@ -24999,53 +25830,53 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -25059,22 +25890,22 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + + @@ -25125,28 +25956,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - + - @@ -25167,28 +25998,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - + - @@ -25209,28 +26040,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - - - + - @@ -25251,28 +26082,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - - - + - @@ -25293,28 +26124,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - - - + - @@ -25415,26 +26246,26 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - + - - @@ -25449,10 +26280,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25472,11 +26303,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25508,9 +26339,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -25533,9 +26367,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25556,9 +26390,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25579,9 +26413,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25602,9 +26436,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25625,9 +26459,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25648,9 +26482,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25671,9 +26505,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25694,9 +26528,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25717,7 +26551,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -25731,16 +26565,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + @@ -25763,7 +26597,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -25777,16 +26611,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + @@ -25809,7 +26643,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -25823,16 +26657,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + @@ -25856,9 +26690,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25879,9 +26713,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25902,9 +26736,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25925,9 +26759,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -25948,15 +26782,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - @@ -25977,15 +26811,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - @@ -26007,15 +26841,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - @@ -26036,15 +26870,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - @@ -26065,15 +26899,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - @@ -26094,28 +26928,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -26157,7 +26991,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -26165,13 +26999,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -26192,7 +27026,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -26200,13 +27034,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -26228,7 +27062,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -26236,13 +27070,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -26264,7 +27098,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -26272,13 +27106,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -26299,7 +27133,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -26307,13 +27141,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -26334,7 +27168,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -26342,13 +27176,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -26369,7 +27203,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -26377,13 +27211,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -26404,7 +27238,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -26412,13 +27246,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -26439,28 +27273,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -26481,28 +27315,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -26524,28 +27358,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -26568,28 +27402,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -26611,28 +27445,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -26653,15 +27487,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - @@ -26681,29 +27515,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -26747,27 +27581,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -26789,27 +27623,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -26854,27 +27688,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -26896,27 +27730,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -26937,28 +27771,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -26979,28 +27813,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27021,28 +27855,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27063,28 +27897,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27105,28 +27939,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27147,28 +27981,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27189,28 +28023,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27231,28 +28065,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27273,28 +28107,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27315,28 +28149,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27357,28 +28191,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27399,28 +28233,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -27474,48 +28308,48 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - + + + + + + + + + + + + + + + - + + + @@ -27527,17 +28361,17 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + @@ -27569,9 +28403,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -27593,9 +28430,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -27618,8 +28458,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -27640,8 +28480,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -27662,8 +28502,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -27684,8 +28524,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -27706,27 +28546,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -27747,27 +28587,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -27788,27 +28628,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -27829,27 +28669,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -27870,27 +28710,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -28052,48 +28892,48 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - + + + + + + + + + + + + + + + - + + + @@ -28105,17 +28945,17 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + @@ -28399,15 +29239,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - @@ -28427,15 +29267,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - @@ -28455,15 +29295,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - @@ -28662,12 +29502,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - @@ -28689,53 +29529,53 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -28745,25 +29585,25 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - - + + + + @@ -28796,9 +29636,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -28821,10 +29664,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -28846,10 +29689,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -28871,10 +29714,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -28896,10 +29739,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -28921,30 +29764,30 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -28988,7 +29831,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -28997,13 +29840,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - @@ -29024,30 +29867,30 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -29069,30 +29912,30 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -29114,30 +29957,30 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -29159,30 +30002,30 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -29204,30 +30047,30 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -29249,30 +30092,30 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -29293,14 +30136,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -29308,24 +30151,24 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - - + - + - - @@ -29346,14 +30189,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - @@ -29373,27 +30216,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - - + - @@ -29686,29 +30529,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -29729,29 +30572,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -29825,46 +30668,46 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - + + + + + + + + + + + + + + + - + + + @@ -29876,17 +30719,17 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + @@ -29917,9 +30760,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -29942,28 +30788,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - - + - @@ -29984,28 +30830,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - - + - @@ -30044,28 +30890,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - + - @@ -30086,28 +30932,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - + - @@ -30149,27 +30995,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -30203,29 +31049,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - + - - @@ -30240,11 +31086,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -30264,11 +31110,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -30545,13 +31391,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + @@ -30719,26 +31565,26 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - - - @@ -30753,10 +31599,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -30776,11 +31622,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -30856,13 +31702,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + @@ -30970,26 +31816,26 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - - - @@ -31004,10 +31850,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -31027,11 +31873,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -31063,9 +31909,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -31088,29 +31937,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31132,29 +31981,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31177,29 +32026,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31221,29 +32070,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31265,29 +32114,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31309,29 +32158,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31353,29 +32202,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31398,29 +32247,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31442,29 +32291,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31486,29 +32335,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + - - + - @@ -31550,29 +32399,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31594,29 +32443,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31639,29 +32488,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31685,29 +32534,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31730,29 +32579,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31774,29 +32623,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31817,29 +32666,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31860,29 +32709,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31905,29 +32754,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31950,29 +32799,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -31994,29 +32843,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -32037,30 +32886,30 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -32081,15 +32930,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - @@ -32132,28 +32981,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + - + - - + - @@ -32203,46 +33052,46 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - + + + + + + + + + + + + + + + - + + + @@ -32254,16 +33103,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + @@ -32394,51 +33243,51 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -32448,25 +33297,25 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - - + + + + @@ -32639,51 +33488,51 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -32693,25 +33542,25 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - - + + + + @@ -32977,7 +33826,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -32987,16 +33836,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -33022,7 +33871,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -33032,16 +33881,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -33067,7 +33916,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -33077,16 +33926,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -33613,20 +34462,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - @@ -33635,7 +34484,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -33645,34 +34494,34 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + + + - + + + + + + + + + + + - + + + @@ -33689,7 +34538,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -33709,13 +34558,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + - @@ -33852,23 +34701,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - @@ -33878,7 +34727,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -33893,11 +34742,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -33917,11 +34766,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -33953,29 +34802,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -34023,23 +34872,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - @@ -34048,36 +34897,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -34090,11 +34939,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -34114,11 +34963,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -34206,14 +35055,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - @@ -34404,38 +35253,38 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - + + + + + + + + + + + + + + + - + + + @@ -34447,10 +35296,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + @@ -34481,31 +35330,31 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -34526,31 +35375,31 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -34571,31 +35420,31 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -34616,31 +35465,31 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + - + - - + - @@ -34661,29 +35510,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -34760,51 +35609,51 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + - + + + + + + + + + + + + + + + - + + + @@ -34814,25 +35663,25 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - - + + + + @@ -35060,15 +35909,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -35276,23 +36125,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - @@ -35302,7 +36151,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -35317,11 +36166,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -35341,12 +36190,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - @@ -35442,23 +36291,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - @@ -35468,7 +36317,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -35483,11 +36332,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -35507,11 +36356,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -35542,9 +36391,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -35566,9 +36418,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -35590,9 +36445,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -35614,9 +36472,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -35639,9 +36500,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -35802,7 +36666,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -36026,11 +36890,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - @@ -36064,59 +36928,59 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - - + + + + + + + + + + + + + + + - + + + - + - - + + + @@ -36146,11 +37010,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36173,11 +37040,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36202,11 +37072,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36228,11 +37101,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36254,11 +37130,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36280,11 +37159,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36306,11 +37188,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36332,11 +37217,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36359,9 +37247,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36387,9 +37278,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36413,9 +37307,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36441,9 +37338,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36467,9 +37367,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36492,9 +37395,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36518,9 +37424,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36543,9 +37452,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36568,9 +37480,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36592,9 +37507,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36616,11 +37534,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -36642,9 +37563,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36666,9 +37590,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36690,9 +37617,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36714,9 +37644,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36738,9 +37671,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36763,9 +37699,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36787,9 +37726,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36812,9 +37754,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36836,9 +37781,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36864,9 +37812,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36888,9 +37839,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36913,9 +37867,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36937,9 +37894,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36961,9 +37921,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -36985,9 +37948,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37009,9 +37975,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37033,9 +38002,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37057,9 +38029,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37081,9 +38056,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37105,9 +38083,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37131,9 +38112,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37157,9 +38141,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37183,9 +38170,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37209,9 +38199,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37235,9 +38228,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37261,9 +38257,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37287,9 +38286,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -37315,8 +38317,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -37340,8 +38342,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -37364,20 +38366,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -37400,20 +38402,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -37512,7 +38514,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -37534,7 +38536,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -37559,9 +38561,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -37910,11 +38912,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -37953,7 +38955,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -37993,53 +38995,53 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - + + - - - + + + + - + - + + + @@ -38053,22 +39055,22 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + + @@ -38101,11 +39103,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38128,11 +39133,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38157,11 +39165,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38183,11 +39194,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38209,11 +39223,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38235,11 +39252,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38261,11 +39281,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38287,11 +39310,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38314,9 +39340,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38342,9 +39371,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38368,9 +39400,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38396,9 +39431,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38422,9 +39460,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38447,9 +39488,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38473,9 +39517,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38498,9 +39545,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38523,9 +39573,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38547,9 +39600,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38571,11 +39627,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -38597,9 +39656,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38621,9 +39683,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38645,9 +39710,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38669,9 +39737,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38693,9 +39764,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38718,9 +39792,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38742,9 +39819,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38767,9 +39847,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38791,9 +39874,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38819,9 +39905,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38843,9 +39932,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38868,9 +39960,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38892,9 +39987,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38916,9 +40014,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38940,9 +40041,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38964,9 +40068,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -38988,9 +40095,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39012,9 +40122,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39036,9 +40149,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39060,9 +40176,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39086,9 +40205,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39112,9 +40234,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39138,9 +40263,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39164,9 +40292,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39190,9 +40321,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39216,9 +40350,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39242,9 +40379,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -39270,8 +40410,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -39295,8 +40435,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -39319,20 +40459,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -39355,20 +40495,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -39467,7 +40607,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -39489,7 +40629,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -39514,9 +40654,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -39865,11 +41005,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -39908,7 +41048,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -39948,53 +41088,53 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - + + - - - + + + + - + - + + + @@ -40008,22 +41148,22 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + + @@ -40056,11 +41196,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40083,11 +41226,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40112,11 +41258,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40138,11 +41287,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40164,11 +41316,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40190,11 +41345,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40216,11 +41374,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40242,11 +41403,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40269,9 +41433,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40297,9 +41464,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40323,9 +41493,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40351,9 +41524,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40377,9 +41553,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40402,9 +41581,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40428,9 +41610,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40453,9 +41638,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40478,9 +41666,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40502,9 +41693,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40526,11 +41720,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -40552,9 +41749,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40576,9 +41776,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40600,9 +41803,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40624,9 +41830,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40648,9 +41857,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40673,9 +41885,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40697,9 +41912,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40722,9 +41940,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40746,9 +41967,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40774,9 +41998,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40798,9 +42025,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40823,9 +42053,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40847,9 +42080,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40871,9 +42107,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40895,9 +42134,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40919,9 +42161,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40943,9 +42188,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40967,9 +42215,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -40991,9 +42242,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41015,9 +42269,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41041,9 +42298,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41067,9 +42327,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41093,9 +42356,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41119,9 +42385,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41145,9 +42414,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41171,9 +42443,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41197,9 +42472,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -41225,8 +42503,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -41250,8 +42528,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -41274,20 +42552,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -41310,20 +42588,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -41422,7 +42700,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -41444,7 +42722,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -41469,9 +42747,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -41608,11 +42886,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -41651,7 +42929,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -41691,52 +42969,52 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - + + - - - + + + + - + - + + + @@ -41750,21 +43028,21 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + @@ -42009,23 +43287,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - @@ -42036,7 +43314,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -42051,11 +43329,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -42075,11 +43353,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -42111,29 +43389,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -42201,23 +43479,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - @@ -42226,9 +43504,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -42243,11 +43521,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -42267,11 +43545,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -42303,29 +43581,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -42373,23 +43651,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - @@ -42398,9 +43676,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -42415,11 +43693,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -42439,11 +43717,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -43177,20 +44455,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - @@ -43199,7 +44477,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -43208,36 +44486,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -43254,7 +44532,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -43274,13 +44552,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + - @@ -43313,9 +44591,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -43583,23 +44864,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -43608,36 +44889,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -43650,11 +44931,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -43674,11 +44955,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -43766,54 +45047,54 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + - - + - - - + + + + + - + + + + + + + + - + + + @@ -43826,17 +45107,17 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + - + + + @@ -43868,9 +45149,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -44137,23 +45421,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -44162,36 +45446,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -44204,11 +45488,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -44228,12 +45512,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - @@ -44265,9 +45549,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -44290,29 +45577,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -44338,23 +45625,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -44363,36 +45650,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -44405,11 +45692,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -44433,9 +45720,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -44467,9 +45754,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -44492,29 +45782,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -44540,23 +45830,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -44565,36 +45855,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -44607,11 +45897,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -44635,9 +45925,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -44669,9 +45959,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -44694,29 +45987,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -44742,23 +46035,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -44767,36 +46060,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -44809,11 +46102,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -44837,9 +46130,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -44871,9 +46164,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -44896,29 +46192,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -44944,23 +46240,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -44969,36 +46265,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -45011,11 +46307,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45039,9 +46335,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45073,9 +46369,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -45098,29 +46397,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -45146,23 +46445,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -45171,36 +46470,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -45213,11 +46512,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45241,9 +46540,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45275,9 +46574,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -45300,29 +46602,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -45348,23 +46650,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -45373,36 +46675,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -45415,11 +46717,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45443,9 +46745,9 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45501,26 +46803,26 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - + - - @@ -45535,10 +46837,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45558,11 +46860,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45618,26 +46920,26 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - + - - @@ -45652,10 +46954,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45675,11 +46977,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -45710,9 +47012,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -45754,29 +47059,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + + - + - - + - @@ -45797,11 +47102,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - @@ -45853,62 +47158,62 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - - + + + + + + + + + + + + + + + - + + + - + - @@ -45917,16 +47222,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + + + + @@ -45970,15 +47275,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -46012,15 +47317,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -46055,15 +47360,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -46089,23 +47394,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -46114,36 +47419,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -46156,11 +47461,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -46180,12 +47485,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - @@ -46229,15 +47534,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -46274,15 +47579,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -46308,23 +47613,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -46333,36 +47638,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -46375,11 +47680,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -46399,12 +47704,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - @@ -46435,9 +47740,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46459,9 +47767,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46483,9 +47794,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46507,9 +47821,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46531,9 +47848,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46555,9 +47875,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46579,9 +47902,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46603,9 +47929,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46627,9 +47956,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -46653,7 +47985,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -46673,7 +48005,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -46693,7 +48025,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -46731,7 +48063,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -46751,7 +48083,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -46990,7 +48322,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -47011,7 +48343,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -47032,7 +48364,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -47053,7 +48385,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -47074,7 +48406,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -47095,7 +48427,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -47116,7 +48448,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -47200,8 +48532,8 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + @@ -47214,10 +48546,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -47225,11 +48557,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + @@ -47240,10 +48572,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -47265,7 +48597,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -47292,9 +48624,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -47561,23 +48896,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - @@ -47586,36 +48921,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -47628,11 +48963,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -47652,12 +48987,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - @@ -47688,9 +49023,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -47712,9 +49050,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -47736,9 +49077,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -47760,9 +49104,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -47784,9 +49131,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -47808,9 +49158,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -48162,48 +49515,48 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - - + - + + + + + + + + + + + + + + + - + + + @@ -48215,18 +49568,18 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -48257,9 +49610,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -48281,9 +49637,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -48305,9 +49664,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -48329,9 +49691,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -48353,9 +49718,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -48377,9 +49745,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -48731,48 +50102,48 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - - + - + + + + + + + + + + + + + + + - + + + @@ -48784,18 +50155,18 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -49256,48 +50627,48 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - + + + + + + + + + + + + + + + - + + + @@ -49309,18 +50680,18 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -49425,32 +50796,32 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + - + + + + + + + + + + + + - + + + @@ -49486,32 +50857,35 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - - + + + - + - - + - @@ -49533,32 +50907,35 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - - + + + - + - - + - @@ -49580,32 +50957,35 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - - + + + - + - - + - @@ -49627,32 +51007,35 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - - + + + - + - - + - @@ -49677,9 +51060,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -49701,9 +51087,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -49735,18 +51124,18 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + - + @@ -49754,39 +51143,39 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + + + + + + + + + + + + + + + - + + + @@ -49800,22 +51189,22 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + + + @@ -49853,18 +51242,18 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - @@ -49873,7 +51262,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -49882,36 +51271,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -49924,11 +51313,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -49948,13 +51337,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + - @@ -49985,32 +51374,35 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - - + + + - + - - + - @@ -50032,32 +51424,35 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - - + + + - + - - + - @@ -50082,9 +51477,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50106,9 +51504,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50170,41 +51571,41 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + + + + + + + + + + + + + + + - + + + @@ -50221,10 +51622,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + @@ -50255,11 +51656,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50281,11 +51685,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50307,11 +51714,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50334,11 +51744,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50360,9 +51773,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50385,9 +51801,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50410,11 +51829,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50436,9 +51858,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50460,11 +51885,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50486,11 +51914,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50512,9 +51943,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50536,9 +51970,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50560,9 +51997,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50584,9 +52024,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50608,9 +52051,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50633,7 +52079,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -50671,53 +52117,53 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - - + - - + + - - - + + + + - + - + + + @@ -50731,22 +52177,22 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + + @@ -50779,11 +52225,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50805,11 +52254,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50831,11 +52283,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50857,11 +52312,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50883,11 +52341,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50909,11 +52370,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50935,9 +52399,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -50959,11 +52426,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -50985,11 +52455,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -51011,11 +52484,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + - @@ -51038,7 +52514,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -51077,53 +52553,53 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - - + - - + + - - - + + + + - + - + + + @@ -51137,22 +52613,22 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + + + + + @@ -51186,9 +52662,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -51211,9 +52690,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -51239,9 +52721,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -51267,9 +52752,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -51296,9 +52784,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -51324,9 +52815,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -51445,41 +52939,41 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + + - + + + + + + + + + + + + + + + - + + + @@ -51496,10 +52990,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + @@ -51534,7 +53028,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -51544,16 +53038,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -51588,16 +53082,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -51622,7 +53116,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -51632,16 +53126,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -51666,7 +53160,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -51676,16 +53170,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -51711,65 +53205,65 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - + - - + - + + + + - + + + + + + + + + + + + + + + - + + + @@ -51781,15 +53275,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + @@ -51892,12 +53386,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - @@ -51908,23 +53402,23 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - - + - @@ -51994,32 +53488,32 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - - @@ -52031,28 +53525,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + + + + + + + + - + - - + @@ -52067,12 +53561,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + @@ -52107,7 +53601,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52117,16 +53611,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + @@ -52174,7 +53668,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52184,16 +53678,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -52241,7 +53735,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52256,11 +53750,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52309,7 +53803,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52324,11 +53818,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52354,7 +53848,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52369,11 +53863,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52402,7 +53896,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52417,11 +53911,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52447,7 +53941,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52462,11 +53956,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52492,7 +53986,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52507,11 +54001,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52537,7 +54031,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52552,11 +54046,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52585,7 +54079,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52600,11 +54094,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52630,7 +54124,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -52645,11 +54139,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + @@ -52679,26 +54173,26 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - - - @@ -52713,10 +54207,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -52736,11 +54230,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -52777,62 +54271,62 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - + - + - - - + + + + + + + + + + + + + + + - + + + - + - @@ -52841,16 +54335,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + + + + @@ -52881,9 +54375,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -52929,28 +54426,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - - + - @@ -52971,28 +54468,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - - + - @@ -53031,28 +54528,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - + - @@ -53073,28 +54570,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - + - @@ -53136,27 +54633,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -53190,29 +54687,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - + - - @@ -53227,11 +54724,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -53251,11 +54748,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -53286,9 +54783,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -53314,28 +54814,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - - + - @@ -53356,28 +54856,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - - + - @@ -53416,28 +54916,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - + - @@ -53458,28 +54958,28 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + + + - + - + - @@ -53521,27 +55021,27 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + + - + - - + - @@ -53575,29 +55075,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + + - + - - @@ -53612,11 +55112,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -53636,11 +55136,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -53672,29 +55172,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -53719,32 +55219,32 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - - + - @@ -53758,15 +55258,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + @@ -53818,16 +55318,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -53863,16 +55363,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -53908,16 +55408,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -53953,16 +55453,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -53998,16 +55498,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54043,16 +55543,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54088,16 +55588,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54134,16 +55634,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54179,16 +55679,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54224,16 +55724,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54269,16 +55769,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54314,16 +55814,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54359,16 +55859,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54404,16 +55904,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54435,29 +55935,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -54478,29 +55978,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -54541,16 +56041,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54587,16 +56087,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -54624,20 +56124,20 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - @@ -54646,7 +56146,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -54655,36 +56155,36 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + - + + + + + + + + + + + - + + + @@ -54697,11 +56197,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -54721,13 +56221,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + - @@ -54758,9 +56258,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -54783,9 +56286,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -54807,9 +56313,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -54927,7 +56436,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -54937,16 +56446,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55026,7 +56535,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -55036,16 +56545,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55088,7 +56597,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -55098,16 +56607,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55135,7 +56644,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -55145,16 +56654,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55176,29 +56685,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -55239,16 +56748,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55273,7 +56782,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -55283,16 +56792,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55329,19 +56838,19 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + @@ -55349,14 +56858,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -55371,11 +56880,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -55393,11 +56902,11 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + + - @@ -55428,9 +56937,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -55452,9 +56964,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -55476,9 +56991,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -55522,7 +57040,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -55532,16 +57050,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55576,16 +57094,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55675,16 +57193,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -55749,19 +57267,19 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + @@ -55769,14 +57287,14 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -55791,10 +57309,10 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - @@ -55814,13 +57332,13 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + - @@ -55852,9 +57370,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -55876,9 +57397,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -55900,9 +57424,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -55946,7 +57473,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -55956,16 +57483,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -56000,16 +57527,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -56099,16 +57626,16 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - - + @@ -56241,29 +57768,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -56284,29 +57811,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -56327,29 +57854,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -56463,9 +57990,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -56488,29 +58018,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -56539,7 +58069,7 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - @@ -56662,32 +58192,32 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - + - @@ -56701,15 +58231,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + @@ -56804,32 +58334,32 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - + - @@ -56843,15 +58373,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + @@ -56883,9 +58413,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -56907,9 +58440,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -56931,9 +58467,12 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + + + + @@ -56977,29 +58516,29 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - + + + - + - - + - @@ -57068,32 +58607,32 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - + - + - + - + - @@ -57107,15 +58646,15 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% - - - + + + @@ -57257,6 +58796,700 @@ echo '%FWBPROMPT%'; sh /tmp/%FWSCRIPT% + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/test/ipt/openais_cluster_1_linux-1.fw.orig b/test/ipt/openais_cluster_1_linux-1.fw.orig index aba4f12e6..b7e07029b 100755 --- a/test/ipt/openais_cluster_1_linux-1.fw.orig +++ b/test/ipt/openais_cluster_1_linux-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:59 2011 PST by vadim +# Generated Thu Feb 17 17:38:20 2011 PST by vadim # # files: * openais_cluster_1_linux-1.fw /etc/openais_cluster_1_linux-1.fw # @@ -707,7 +707,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:59 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:20 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/openais_cluster_1_linux-2.fw.orig b/test/ipt/openais_cluster_1_linux-2.fw.orig index 3b5e3d371..5d36abaa0 100755 --- a/test/ipt/openais_cluster_1_linux-2.fw.orig +++ b/test/ipt/openais_cluster_1_linux-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:00 2011 PST by vadim +# Generated Thu Feb 17 17:38:21 2011 PST by vadim # # files: * openais_cluster_1_linux-2.fw /etc/openais_cluster_1_linux-2.fw # @@ -611,7 +611,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:00 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/rc.firewall.local b/test/ipt/rc.firewall.local index e7eb88a8c..cc705ea73 100755 --- a/test/ipt/rc.firewall.local +++ b/test/ipt/rc.firewall.local @@ -4,7 +4,7 @@ # # Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Thu Feb 17 15:16:56 2011 PST by vadim +# Generated Thu Feb 17 17:38:09 2011 PST by vadim # # files: * rc.firewall.local /etc/rc.d//rc.firewall.local # diff --git a/test/ipt/rh90.fw.orig b/test/ipt/rh90.fw.orig index 7b320fb6f..fe4009649 100755 --- a/test/ipt/rh90.fw.orig +++ b/test/ipt/rh90.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:50 2011 PST by vadim +# Generated Thu Feb 17 17:38:09 2011 PST by vadim # # files: * rh90.fw /etc/rh90.fw # @@ -421,7 +421,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:50 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:09 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/secuwall_cluster_1_secuwall-1.fw.orig b/test/ipt/secuwall_cluster_1_secuwall-1.fw.orig index 02cf502ef..da7a1320a 100755 --- a/test/ipt/secuwall_cluster_1_secuwall-1.fw.orig +++ b/test/ipt/secuwall_cluster_1_secuwall-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:00 2011 PST by vadim +# Generated Thu Feb 17 17:38:20 2011 PST by vadim # # files: * secuwall_cluster_1_secuwall-1.fw /etc/secuwall_cluster_1_secuwall-1.fw # @@ -405,7 +405,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:00 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:20 2011 by vadim" log "Database was cluster-tests.fwb" check_tools check_run_time_address_table_files diff --git a/test/ipt/server-cluster-1_server-1.fw.orig b/test/ipt/server-cluster-1_server-1.fw.orig index 75d7289b8..d5bdecbeb 100755 --- a/test/ipt/server-cluster-1_server-1.fw.orig +++ b/test/ipt/server-cluster-1_server-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:00 2011 PST by vadim +# Generated Thu Feb 17 17:38:21 2011 PST by vadim # # files: * server-cluster-1_server-1.fw /etc/fw/server-cluster-1_server-1.fw # @@ -398,7 +398,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:00 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/server-cluster-1_server-2.fw.orig b/test/ipt/server-cluster-1_server-2.fw.orig index fe89ee2b4..04b4df464 100755 --- a/test/ipt/server-cluster-1_server-2.fw.orig +++ b/test/ipt/server-cluster-1_server-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:00 2011 PST by vadim +# Generated Thu Feb 17 17:38:21 2011 PST by vadim # # files: * server-cluster-1_server-2.fw /etc/fw/server-cluster-1_server-2.fw # @@ -397,7 +397,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:00 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/test-shadowing-1.fw.orig b/test/ipt/test-shadowing-1.fw.orig index 05ba36df3..8f1083ccc 100755 --- a/test/ipt/test-shadowing-1.fw.orig +++ b/test/ipt/test-shadowing-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:53 2011 PST by vadim +# Generated Thu Feb 17 17:38:13 2011 PST by vadim # # files: * test-shadowing-1.fw /etc/test-shadowing-1.fw # @@ -461,7 +461,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:53 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:13 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/test-shadowing-2.fw.orig b/test/ipt/test-shadowing-2.fw.orig index aaa31ce8f..88f82aca6 100755 --- a/test/ipt/test-shadowing-2.fw.orig +++ b/test/ipt/test-shadowing-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:56 2011 PST by vadim +# Generated Thu Feb 17 17:38:16 2011 PST by vadim # # files: * test-shadowing-2.fw /etc/test-shadowing-2.fw # @@ -423,7 +423,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:56 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:16 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/test-shadowing-3.fw.orig b/test/ipt/test-shadowing-3.fw.orig index 10068233e..dd47c6b09 100755 --- a/test/ipt/test-shadowing-3.fw.orig +++ b/test/ipt/test-shadowing-3.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:59 2011 PST by vadim +# Generated Thu Feb 17 17:38:20 2011 PST by vadim # # files: * test-shadowing-3.fw /etc/test-shadowing-3.fw # @@ -474,7 +474,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:59 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:20 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/test_fw.fw.orig b/test/ipt/test_fw.fw.orig index 84abff569..54eeae0ab 100755 --- a/test/ipt/test_fw.fw.orig +++ b/test/ipt/test_fw.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:28:53 2011 PST by vadim +# Generated Thu Feb 17 17:38:14 2011 PST by vadim # # files: * test_fw.fw /etc/test_fw.fw # @@ -316,8 +316,8 @@ script_body() { # no need to translate # between DMZ and # internal net - $IPTABLES -t nat -A POSTROUTING -s 192.168.2.0/24 -d 192.168.1.0/24 -j ACCEPT - $IPTABLES -t nat -A PREROUTING -s 192.168.2.0/24 -d 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A POSTROUTING -s 192.168.2.0/24 -d 192.168.1.0/24 -j ACCEPT + $IPTABLES -t nat -A PREROUTING -s 192.168.2.0/24 -d 192.168.1.0/24 -j ACCEPT # # Rule 1 (NAT) # @@ -332,7 +332,7 @@ script_body() { # echo "Rule 2 (NAT)" # - $IPTABLES -t nat -A PREROUTING -d 192.0.2.1 -j DNAT --to-destination 192.168.2.10 + $IPTABLES -t nat -A PREROUTING -d 192.0.2.1 -j DNAT --to-destination 192.168.2.10 @@ -570,7 +570,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:28:53 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:14 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/vrrp_cluster_1_linux-1.fw.orig b/test/ipt/vrrp_cluster_1_linux-1.fw.orig index 828cc8b45..97bfd1700 100755 --- a/test/ipt/vrrp_cluster_1_linux-1.fw.orig +++ b/test/ipt/vrrp_cluster_1_linux-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:00 2011 PST by vadim +# Generated Thu Feb 17 17:38:21 2011 PST by vadim # # files: * vrrp_cluster_1_linux-1.fw /etc/vrrp_cluster_1_linux-1.fw # @@ -710,7 +710,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:00 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/vrrp_cluster_1_linux-2.fw.orig b/test/ipt/vrrp_cluster_1_linux-2.fw.orig index da679a278..9bfb55aa7 100755 --- a/test/ipt/vrrp_cluster_1_linux-2.fw.orig +++ b/test/ipt/vrrp_cluster_1_linux-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:01 2011 PST by vadim +# Generated Thu Feb 17 17:38:21 2011 PST by vadim # # files: * vrrp_cluster_1_linux-2.fw /etc/vrrp_cluster_1_linux-2.fw # @@ -615,7 +615,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:01 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/vrrp_cluster_2_linux-1.fw.orig b/test/ipt/vrrp_cluster_2_linux-1.fw.orig index a8aad3e2f..8346fbf5b 100755 --- a/test/ipt/vrrp_cluster_2_linux-1.fw.orig +++ b/test/ipt/vrrp_cluster_2_linux-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:01 2011 PST by vadim +# Generated Thu Feb 17 17:38:21 2011 PST by vadim # # files: * vrrp_cluster_2_linux-1.fw /etc/vrrp_cluster_2_linux-1.fw # @@ -642,7 +642,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:01 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/vrrp_cluster_2_linux-2.fw.orig b/test/ipt/vrrp_cluster_2_linux-2.fw.orig index a92d8ec7f..91af2101e 100755 --- a/test/ipt/vrrp_cluster_2_linux-2.fw.orig +++ b/test/ipt/vrrp_cluster_2_linux-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:01 2011 PST by vadim +# Generated Thu Feb 17 17:38:22 2011 PST by vadim # # files: * vrrp_cluster_2_linux-2.fw /etc/vrrp_cluster_2_linux-2.fw # @@ -547,7 +547,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:01 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:22 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/vrrp_cluster_2_linux-3.fw.orig b/test/ipt/vrrp_cluster_2_linux-3.fw.orig index 4b8ced423..01308b081 100755 --- a/test/ipt/vrrp_cluster_2_linux-3.fw.orig +++ b/test/ipt/vrrp_cluster_2_linux-3.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.2.0.3477 +# Firewall Builder fwb_ipt v4.2.0.3480 # -# Generated Tue Feb 15 14:29:01 2011 PST by vadim +# Generated Thu Feb 17 17:38:22 2011 PST by vadim # # files: * vrrp_cluster_2_linux-3.fw /etc/vrrp_cluster_2_linux-3.fw # @@ -523,7 +523,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Tue Feb 15 14:29:01 2011 by vadim" + log "Activating firewall script generated Thu Feb 17 17:38:22 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files