From 3a4fe2736543d63891a750ac4f92586e04c01d26 Mon Sep 17 00:00:00 2001 From: xchaos Date: Sat, 12 May 2012 14:30:51 +0000 Subject: [PATCH] indexed SNAT/DNAT optimized for /dev/shm, 3xB (/16) private addreseses and 3 wan interfaces git-svn-id: https://dev.arachne.cz/repos/prometheus/trunk@165 251d49ef-1d17-4917-a970-b30cf55b089b --- optional-tools/make-iptables-restore | 191 ++++++++++++++++----------- optional-tools/make-pimp | 4 +- 2 files changed, 113 insertions(+), 82 deletions(-) diff --git a/optional-tools/make-iptables-restore b/optional-tools/make-iptables-restore index a4499a3..3e33fb2 100755 --- a/optional-tools/make-iptables-restore +++ b/optional-tools/make-iptables-restore @@ -2,21 +2,30 @@ iptables="/sbin/iptables" iptablesrestore="/sbin/iptables-restore" ifconfig="/sbin/ifconfig" +grep="/bin/grep" +cut="/usr/bin/cut" #pimp files must be generated by optional-tools/make-pimp utility -pimp_2way_nat="/mnt/mtdblock0/pimp-2way-nat.tmp" -pimp_snat="/mnt/mtdblock0/pimp-snat.tmp" +pimp_2way_nat="/dev/shm/pimp-2way-nat.tmp" +pimp_snat="/dev/shm/pimp-snat.tmp" etchosts="/mnt/mtdblock0/hosts" +restoretmp="/dev/shm/iptables-restore.tmp" restoredata="/mnt/mtdblock0/iptables-restore.in" wan1="vlan770" wan2="vlan771" -#just comment-out all lines mentioning wan3 on two-interface gateways wan3="vlan772" - -echo "*nat" > $restoredata -echo ":PREROUTING ACCEPT [0:0]" >> $restoredata -echo ":POSTROUTING ACCEPT [0:0]" >> $restoredata -echo ":OUTPUT ACCEPT [0:0]" >> $restoredata +wan4="vlan774" +czffirstbitmask="19" +czfsecondbitmask="22" +czfthirdbitmask="25" +czffourthbitmask="28" +pubfirstbitmask="26" +pubsecondbitmask="29" + +echo "*nat" > $restoretmp +echo ":PREROUTING ACCEPT [0:0]" >> $restoretmp +echo ":POSTROUTING ACCEPT [0:0]" >> $restoretmp +echo ":OUTPUT ACCEPT [0:0]" >> $restoretmp # =============================================================== # Symetrical SNAT-DNAT using indexed iptables @@ -24,69 +33,79 @@ echo ":OUTPUT ACCEPT [0:0]" >> $restoredata echo -n "Generating new iptables-restore data - two way SNAT/DNAT " -for czfip in `grep -v ^# $pimp_2way_nat|cut -f 1 -d " "` +for czfip in `$grep -v ^# $pimp_2way_nat|$cut -f 1 -d " "` do - pubip=`grep "$czfip " $pimp_2way_nat|cut -f 2 -d " "` - czffirstindex=priv_`ipcalc -n $czfip/20|grep Network|cut -f 4 -d \ |tr [./] _` - czfsecondindex=priv_`ipcalc -n $czfip/23|grep Network|cut -f 4 -d \ |tr [./] _` - czfthirdindex=priv_`ipcalc -n $czfip/26|grep Network|cut -f 4 -d \ |tr [./] _` - pubfirstindex=pub_`ipcalc -n $pubip/27|grep Network|cut -f 4 -d \ |tr [./] _` - pubsecondindex=pub_`ipcalc -n $pubip/29|grep Network|cut -f 4 -d \ |tr [./] _` - - if ! grep $czffirstindex $restoredata > /dev/null + pubip=`$grep "$czfip " $pimp_2way_nat|$cut -f 2 -d " "` + czffirstindex=priv_`ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + czfsecondindex=priv_`ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + czfthirdindex=priv_`ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + czffourthindex=priv_`ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + pubfirstindex=pub_`ipcalc -n $pubip/$pubfirstbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + pubsecondindex=pub_`ipcalc -n $pubip/$pubsecondbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + + if ! $grep $czffirstindex $restoretmp > /dev/null then - echo :$czffirstindex "- [0:0]" >> $restoredata - echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/20|grep Network|cut -f 4 -d \ ` -o $wan1 -j $czffirstindex >> $restoredata - echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/20|grep Network|cut -f 4 -d \ ` -o $wan2 -j $czffirstindex >> $restoredata - echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/20|grep Network|cut -f 4 -d \ ` -o $wan3 -j $czffirstindex >> $restoredata + echo :$czffirstindex "- [0:0]" >> $restoretmp + echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan1 -j $czffirstindex >> $restoretmp + echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan2 -j $czffirstindex >> $restoretmp + echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan3 -j $czffirstindex >> $restoretmp + echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan4 -j $czffirstindex >> $restoretmp fi - if ! grep $czfsecondindex $restoredata > /dev/null + if ! $grep $czfsecondindex $restoretmp > /dev/null then - echo :$czfsecondindex "- [0:0]" >> $restoredata - echo -A $czffirstindex -s `ipcalc -n $czfip/23|grep Network|cut -f 4 -d \ ` -o $wan1 -j $czfsecondindex >> $restoredata - echo -A $czffirstindex -s `ipcalc -n $czfip/23|grep Network|cut -f 4 -d \ ` -o $wan2 -j $czfsecondindex >> $restoredata - echo -A $czffirstindex -s `ipcalc -n $czfip/23|grep Network|cut -f 4 -d \ ` -o $wan3 -j $czfsecondindex >> $restoredata + echo :$czfsecondindex "- [0:0]" >> $restoretmp + echo -A $czffirstindex -s `ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan1 -j $czfsecondindex >> $restoretmp + echo -A $czffirstindex -s `ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan2 -j $czfsecondindex >> $restoretmp + echo -A $czffirstindex -s `ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan3 -j $czfsecondindex >> $restoretmp + echo -A $czffirstindex -s `ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan4 -j $czfsecondindex >> $restoretmp fi - if ! grep $czfthirdindex $restoredata > /dev/null + if ! $grep $czfthirdindex $restoretmp > /dev/null then - echo :$czfthirdindex "- [0:0]" >> $restoredata - echo -A $czfsecondindex -s `ipcalc -n $czfip/26|grep Network|cut -f 4 -d \ ` -o $wan1 -j $czfthirdindex >> $restoredata - echo -A $czfsecondindex -s `ipcalc -n $czfip/26|grep Network|cut -f 4 -d \ ` -o $wan2 -j $czfthirdindex >> $restoredata - echo -A $czfsecondindex -s `ipcalc -n $czfip/26|grep Network|cut -f 4 -d \ ` -o $wan3 -j $czfthirdindex >> $restoredata + echo :$czfthirdindex "- [0:0]" >> $restoretmp + echo -A $czfsecondindex -s `ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan1 -j $czfthirdindex >> $restoretmp + echo -A $czfsecondindex -s `ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan2 -j $czfthirdindex >> $restoretmp + echo -A $czfsecondindex -s `ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan3 -j $czfthirdindex >> $restoretmp + echo -A $czfsecondindex -s `ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan4 -j $czfthirdindex >> $restoretmp fi - if ! grep $pubfirstindex $restoredata > /dev/null + if ! $grep $czffourthindex $restoretmp > /dev/null then - echo :$pubfirstindex "- [0:0]" >> $restoredata - echo -A PREROUTING -i $wan1 -d `ipcalc -n $pubip/27|grep Network|cut -f 4 -d \ ` -j $pubfirstindex >> $restoredata - echo -A PREROUTING -i $wan2 -d `ipcalc -n $pubip/27|grep Network|cut -f 4 -d \ ` -j $pubfirstindex >> $restoredata - echo -A PREROUTING -i $wan3 -d `ipcalc -n $pubip/27|grep Network|cut -f 4 -d \ ` -j $pubfirstindex >> $restoredata + echo :$czffourthindex "- [0:0]" >> $restoretmp + echo -A $czfthirdindex -s `ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan1 -j $czffourthindex >> $restoretmp + echo -A $czfthirdindex -s `ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan2 -j $czffourthindex >> $restoretmp + echo -A $czfthirdindex -s `ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan3 -j $czffourthindex >> $restoretmp + echo -A $czfthirdindex -s `ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan4 -j $czffourthindex >> $restoretmp fi - if ! grep $pubsecondindex $restoredata > /dev/null + if ! $grep $pubfirstindex $restoretmp > /dev/null then - echo :$pubsecondindex "- [0:0]" >> $restoredata - echo -A $pubfirstindex -i $wan1 -d `ipcalc -n $pubip/29|grep Network|cut -f 4 -d \ ` -j $pubsecondindex >> $restoredata - echo -A $pubfirstindex -i $wan2 -d `ipcalc -n $pubip/29|grep Network|cut -f 4 -d \ ` -j $pubsecondindex >> $restoredata - echo -A $pubfirstindex -i $wan3 -d `ipcalc -n $pubip/29|grep Network|cut -f 4 -d \ ` -j $pubsecondindex >> $restoredata + echo :$pubfirstindex "- [0:0]" >> $restoretmp + echo -A PREROUTING -i $wan1 -d `ipcalc -n $pubip/$pubfirstbitmask|$grep Network|$cut -f 4 -d \ ` -j $pubfirstindex >> $restoretmp + echo -A PREROUTING -i $wan2 -d `ipcalc -n $pubip/$pubfirstbitmask|$grep Network|$cut -f 4 -d \ ` -j $pubfirstindex >> $restoretmp + echo -A PREROUTING -i $wan3 -d `ipcalc -n $pubip/$pubfirstbitmask|$grep Network|$cut -f 4 -d \ ` -j $pubfirstindex >> $restoretmp + echo -A PREROUTING -i $wan4 -d `ipcalc -n $pubip/$pubfirstbitmask|$grep Network|$cut -f 4 -d \ ` -j $pubfirstindex >> $restoretmp fi - echo -A $pubsecondindex -i $wan1 -d $pubip/32 -j DNAT --to-destination $czfip >> $restoredata - echo -A $pubsecondindex -i $wan2 -d $pubip/32 -j DNAT --to-destination $czfip >> $restoredata - echo -A $pubsecondindex -i $wan3 -d $pubip/32 -j DNAT --to-destination $czfip >> $restoredata - echo -A $pubsecondindex -i $wan1 -d $pubip/32 -j ACCEPT >> $restoredata - echo -A $pubsecondindex -i $wan2 -d $pubip/32 -j ACCEPT >> $restoredata - echo -A $pubsecondindex -i $wan3 -d $pubip/32 -j ACCEPT >> $restoredata + if ! $grep $pubsecondindex $restoretmp > /dev/null + then + echo :$pubsecondindex "- [0:0]" >> $restoretmp + echo -A $pubfirstindex -i $wan1 -d `ipcalc -n $pubip/$pubsecondbitmask|$grep Network|$cut -f 4 -d \ ` -j $pubsecondindex >> $restoretmp + echo -A $pubfirstindex -i $wan2 -d `ipcalc -n $pubip/$pubsecondbitmask|$grep Network|$cut -f 4 -d \ ` -j $pubsecondindex >> $restoretmp + echo -A $pubfirstindex -i $wan3 -d `ipcalc -n $pubip/$pubsecondbitmask|$grep Network|$cut -f 4 -d \ ` -j $pubsecondindex >> $restoretmp + echo -A $pubfirstindex -i $wan4 -d `ipcalc -n $pubip/$pubsecondbitmask|$grep Network|$cut -f 4 -d \ ` -j $pubsecondindex >> $restoretmp + fi + echo -A $pubsecondindex -i $wan1 -d $pubip/32 -j DNAT --to-destination $czfip >> $restoretmp + echo -A $pubsecondindex -i $wan2 -d $pubip/32 -j DNAT --to-destination $czfip >> $restoretmp + echo -A $pubsecondindex -i $wan3 -d $pubip/32 -j DNAT --to-destination $czfip >> $restoretmp + echo -A $pubsecondindex -i $wan4 -d $pubip/32 -j DNAT --to-destination $czfip >> $restoretmp - echo -A $czfthirdindex -s $czfip/32 -o $wan1 -j SNAT --to-source $pubip >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan2 -j SNAT --to-source $pubip >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan3 -j SNAT --to-source $pubip >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan1 -j ACCEPT >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan2 -j ACCEPT >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan3 -j ACCEPT >> $restoredata + echo -A $czffourthindex -s $czfip/32 -o $wan1 -j SNAT --to-source $pubip >> $restoretmp + echo -A $czffourthindex -s $czfip/32 -o $wan2 -j SNAT --to-source $pubip >> $restoretmp + echo -A $czffourthindex -s $czfip/32 -o $wan3 -j SNAT --to-source $pubip >> $restoretmp + echo -A $czffourthindex -s $czfip/32 -o $wan4 -j SNAT --to-source $pubip >> $restoretmp echo -n . done @@ -98,46 +117,58 @@ echo -n "Generating new iptables-restore data - one way SNAT " # SNAT only using indexed iptables (should be rather function, hmm) # =============================================================== -for czfip in `grep -v ^# $pimp_snat|cut -f 1 -d " "` +for czfip in `$grep -v ^# $pimp_snat|$cut -f 1 -d " "` do - pubip=`grep "$czfip " $pimp_snat|cut -f 2 -d " "` - czffirstindex=priv_`ipcalc -n $czfip/20|grep Network|cut -f 4 -d \ |tr [./] _` - czfsecondindex=priv_`ipcalc -n $czfip/23|grep Network|cut -f 4 -d \ |tr [./] _` - czfthirdindex=priv_`ipcalc -n $czfip/26|grep Network|cut -f 4 -d \ |tr [./] _` + pubip=`$grep "$czfip " $pimp_snat|$cut -f 2 -d " "` + czffirstindex=priv_`ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + czfsecondindex=priv_`ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + czfthirdindex=priv_`ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + czffourthindex=priv_`ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ |tr [./] _` + + if ! $grep $czffirstindex $restoretmp > /dev/null + then + echo :$czffirstindex "- [0:0]" >> $restoretmp + echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan1 -j $czffirstindex >> $restoretmp + echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan2 -j $czffirstindex >> $restoretmp + echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan3 -j $czffirstindex >> $restoretmp + echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/$czffirstbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan4 -j $czffirstindex >> $restoretmp + fi - if ! grep $czffirstindex $restoredata > /dev/null + if ! $grep $czfsecondindex $restoretmp > /dev/null then - echo :$czffirstindex "- [0:0]" >> $restoredata - echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/20|grep Network|cut -f 4 -d \ ` -o $wan1 -j $czffirstindex >> $restoredata - echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/20|grep Network|cut -f 4 -d \ ` -o $wan2 -j $czffirstindex >> $restoredata - echo -A POSTROUTING -d ! 10.0.0.0/8 -s `ipcalc -n $czfip/20|grep Network|cut -f 4 -d \ ` -o $wan3 -j $czffirstindex >> $restoredata + echo :$czfsecondindex "- [0:0]" >> $restoretmp + echo -A $czffirstindex -s `ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan1 -j $czfsecondindex >> $restoretmp + echo -A $czffirstindex -s `ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan2 -j $czfsecondindex >> $restoretmp + echo -A $czffirstindex -s `ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan3 -j $czfsecondindex >> $restoretmp + echo -A $czffirstindex -s `ipcalc -n $czfip/$czfsecondbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan4 -j $czfsecondindex >> $restoretmp fi - if ! grep $czfsecondindex $restoredata > /dev/null + if ! $grep $czfthirdindex $restoretmp > /dev/null then - echo :$czfsecondindex "- [0:0]" >> $restoredata - echo -A $czffirstindex -s `ipcalc -n $czfip/23|grep Network|cut -f 4 -d \ ` -o $wan1 -j $czfsecondindex >> $restoredata - echo -A $czffirstindex -s `ipcalc -n $czfip/23|grep Network|cut -f 4 -d \ ` -o $wan2 -j $czfsecondindex >> $restoredata - echo -A $czffirstindex -s `ipcalc -n $czfip/23|grep Network|cut -f 4 -d \ ` -o $wan3 -j $czfsecondindex >> $restoredata + echo :$czfthirdindex "- [0:0]" >> $restoretmp + echo -A $czfsecondindex -s `ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan1 -j $czfthirdindex >> $restoretmp + echo -A $czfsecondindex -s `ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan2 -j $czfthirdindex >> $restoretmp + echo -A $czfsecondindex -s `ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan3 -j $czfthirdindex >> $restoretmp + echo -A $czfsecondindex -s `ipcalc -n $czfip/$czfthirdbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan4 -j $czfthirdindex >> $restoretmp fi - if ! grep $czfthirdindex $restoredata > /dev/null + if ! $grep $czffourthindex $restoretmp > /dev/null then - echo :$czfthirdindex "- [0:0]" >> $restoredata - echo -A $czfsecondindex -s `ipcalc -n $czfip/26|grep Network|cut -f 4 -d \ ` -o $wan1 -j $czfthirdindex >> $restoredata - echo -A $czfsecondindex -s `ipcalc -n $czfip/26|grep Network|cut -f 4 -d \ ` -o $wan2 -j $czfthirdindex >> $restoredata - echo -A $czfsecondindex -s `ipcalc -n $czfip/26|grep Network|cut -f 4 -d \ ` -o $wan3 -j $czfthirdindex >> $restoredata + echo :$czffourthindex "- [0:0]" >> $restoretmp + echo -A $czfthirdindex -s `ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan1 -j $czffourthindex >> $restoretmp + echo -A $czfthirdindex -s `ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan2 -j $czffourthindex >> $restoretmp + echo -A $czfthirdindex -s `ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan3 -j $czffourthindex >> $restoretmp + echo -A $czfthirdindex -s `ipcalc -n $czfip/$czffourthbitmask|$grep Network|$cut -f 4 -d \ ` -o $wan4 -j $czffourthindex >> $restoretmp fi - echo -A $czfthirdindex -s $czfip/32 -o $wan1 -j SNAT --to-source $pubip >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan2 -j SNAT --to-source $pubip >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan3 -j SNAT --to-source $pubip >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan1 -j ACCEPT >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan2 -j ACCEPT >> $restoredata - echo -A $czfthirdindex -s $czfip/32 -o $wan3 -j ACCEPT >> $restoredata + echo -A $czffourthindex -s $czfip/32 -o $wan1 -j SNAT --to-source $pubip >> $restoretmp + echo -A $czffourthindex -s $czfip/32 -o $wan2 -j SNAT --to-source $pubip >> $restoretmp + echo -A $czffourthindex -s $czfip/32 -o $wan3 -j SNAT --to-source $pubip >> $restoretmp + echo -A $czffourthindex -s $czfip/32 -o $wan4 -j SNAT --to-source $pubip >> $restoretmp echo -n . done echo " done." -echo COMMIT >> $restoredata +echo COMMIT >> $restoretmp +mv $restoretmp $restoredata \ No newline at end of file diff --git a/optional-tools/make-pimp b/optional-tools/make-pimp index cdd6264..fd58569 100755 --- a/optional-tools/make-pimp +++ b/optional-tools/make-pimp @@ -1,6 +1,6 @@ #!/bin/bash -pimp_2way_nat="/mnt/mtdblock0/pimp-2way-nat.tmp" -pimp_snat="/mnt/mtdblock0/pimp-snat.tmp" +pimp_2way_nat="/dev/shm/pimp-2way-nat.tmp" +pimp_snat="/dev/shm/pimp-snat.tmp" etchosts="/mnt/mtdblock0/hosts" echo -n "Writing $pimp_2way_nat" -- 2.30.2