289a63d08bf40253ca412a4b2486d37bf0a34297
[openwrt/svn-archive/archive.git] / natpmp / files / natpmp.init
1 #!/bin/sh /etc/rc.common
2
3 START=70
4
5 IP=$(which ip)
6 IPTABLES=$(which iptables)
7 NATPMP=/usr/sbin/natpmp
8 PIDFILE=/var/run/natpmp.pid
9
10 natpmp_config() {
11 local cfg="$1"
12
13 config_get PUBLIC_IF "$cfg" outbound_interface
14 config_get PRIVATE_IFS "$cfg" inbound_interfaces
15 config_get IPTABLES_CHAIN "$cfg" iptables_chain
16 }
17
18 start() {
19 config_load natpmp
20 config_foreach natpmp_config natpmp
21
22 # Flush all the rules in the natpmp chain, or create it, if it doesn't exists.
23 $IPTABLES -t nat -F $IPTABLES_CHAIN 2>/dev/null || \
24 $IPTABLES -t nat -N $IPTABLES_CHAIN
25
26 # Handle all incoming connections in the natpmp chain.
27 $IPTABLES -t nat -D PREROUTING -j $IPTABLES_CHAIN 2>/dev/null || true
28 $IPTABLES -t nat -A PREROUTING -j $IPTABLES_CHAIN
29
30 # Iterate through the private interfaces.
31 BIND_ARGS=""
32 for IF in $PRIVATE_IFS; do
33 # Get the IP address of this interface.
34 ADDR=`$IP addr show dev $IF 2>/dev/null | grep "^ *inet .* $IF\$" | cut -d " " -f 6 | cut -d / -f 1`
35 if [ -n "$ADDR" ] ; then
36 # Add the IP address to the argument list.
37 BIND_ARGS="$BIND_ARGS -a $ADDR"
38 else
39 echo "Could not get IP address of interface $IF. Skipping." >&2
40 fi
41 done
42
43 if [ -z "$BIND_ARGS" ] ; then
44 echo "No IP addresses to bind to. Exiting." >&2
45 exit 1
46 fi
47
48 $NATPMP -p $PIDFILE -b -i "$PUBLIC_IF" $BIND_ARGS -- "$IPTABLES_CHAIN"
49 }
50
51 stop() {
52 config_load natpmp
53 config_foreach natpmp_config natpmp
54
55 # Unlink chain
56 $IPTABLES -t nat -D PREROUTING -j $IPTABLES_CHAIN 2>/dev/null || true
57
58 # Flush all the rules in the natpmp chain
59 $IPTABLES -t nat -F $IPTABLES_CHAIN 2>/dev/null && \
60 $IPTABLES -t nat -X $IPTABLES_CHAIN
61
62 kill $(cat $PIDFILE)
63 }