summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJoey Hess2017-07-26 23:12:56 -0400
committerJoey Hess2017-07-26 23:12:56 -0400
commit89816fb838873fc97ffa9d3827440bebb848c140 (patch)
treeb7fb7556b662093707173c96befe663e5283d0ab /src
parent8ab7c1a3680ad59a3017eaa21d7985e662c669a0 (diff)
parent2ca09603bdfa6a071144be67644729e268070ce7 (diff)
Merge branch 'joeyconfig'
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/SiteSpecific/JoeySites.hs16
1 files changed, 8 insertions, 8 deletions
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index 499409e0..3f3f657f 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -930,18 +930,18 @@ alarmClock oncalendar (User user) command = combineProperties "goodmorning timer
& "/etc/systemd/logind.conf" `ConfFile.containsIniSetting`
("Login", "LidSwitchIgnoreInhibited", "no")
--- | Enable IP masqerading, from the intif to the extif.
-ipmasq :: String -> String -> Property DebianLike
-ipmasq extif intif = script `File.hasContent`
+-- | Enable IP masqerading, on whatever other interfaces come up.
+ipmasq :: String -> Property DebianLike
+ipmasq intif = script `File.hasContent`
[ "#!/bin/sh"
- , "EXTIF=" ++ extif
, "INTIF=" ++ intif
- , "if [ \"$IFACE\" != $EXTIF; then"
+ , "if [ \"$IFACE\" = $INTIF ] || [ \"$IFACE\" = lo ]; then"
, "exit 0"
, "fi"
- , "iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT"
- , "iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT"
- , "iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE"
+ , "iptables -F"
+ , "iptables -A FORWARD -i $IFACE -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT"
+ , "iptables -A FORWARD -i $INTIF -o $IFACE -j ACCEPT"
+ , "iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE"
, "echo 1 > /proc/sys/net/ipv4/ip_forward"
]
`requires` Apt.installed ["iptables"]