diff options
| author | Thomas Haller <thaller@redhat.com> | 2020-10-27 17:17:25 +0100 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2020-10-27 17:40:20 +0100 |
| commit | 33041e04afe195e40d49a748df1ed56e6f0d523d (patch) | |
| tree | 17f96029a86f981ca5430ff86a6acd0fc684d0f3 | |
| parent | be7bf38a3a3a15b18b5978757beca098afad3185 (diff) | |
| download | NetworkManager-th/l3cfg-14.tar.gz | |
core: use nm_utils_share_rules_add_all_rules() from NMDeviceth/l3cfg-14
| -rw-r--r-- | src/devices/nm-device.c | 65 |
1 files changed, 1 insertions, 64 deletions
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c index 64eea27485..a30e42df41 100644 --- a/src/devices/nm-device.c +++ b/src/devices/nm-device.c @@ -11594,9 +11594,6 @@ start_sharing(NMDevice *self, NMIP4Config *config, GError **error) { NMDevicePrivate * priv = NM_DEVICE_GET_PRIVATE(self); NMActRequest * req; - char str_addr[INET_ADDRSTRLEN]; - char str_mask[INET_ADDRSTRLEN]; - guint32 netmask, network; const NMPlatformIP4Address *ip4_addr = NULL; const char * ip_iface; GError * local = NULL; @@ -11628,69 +11625,9 @@ start_sharing(NMDevice *self, NMIP4Config *config, GError **error) req = nm_device_get_act_request(self); g_return_val_if_fail(req, FALSE); - netmask = _nm_utils_ip4_prefix_to_netmask(ip4_addr->plen); - _nm_utils_inet4_ntop(netmask, str_mask); - - network = ip4_addr->address & netmask; - _nm_utils_inet4_ntop(network, str_addr); - share_rules = nm_utils_share_rules_new(); - nm_utils_share_rules_add_rule_v( - share_rules, - "nat", - "POSTROUTING --source %s/%s ! --destination %s/%s --jump MASQUERADE", - str_addr, - str_mask, - str_addr, - str_mask); - nm_utils_share_rules_add_rule_v( - share_rules, - "filter", - "FORWARD --destination %s/%s --out-interface %s --match state --state " - "ESTABLISHED,RELATED --jump ACCEPT", - str_addr, - str_mask, - ip_iface); - nm_utils_share_rules_add_rule_v(share_rules, - "filter", - "FORWARD --source %s/%s --in-interface %s --jump ACCEPT", - str_addr, - str_mask, - ip_iface); - nm_utils_share_rules_add_rule_v(share_rules, - "filter", - "FORWARD --in-interface %s --out-interface %s --jump ACCEPT", - ip_iface, - ip_iface); - nm_utils_share_rules_add_rule_v(share_rules, - "filter", - "FORWARD --out-interface %s --jump REJECT", - ip_iface); - nm_utils_share_rules_add_rule_v(share_rules, - "filter", - "FORWARD --in-interface %s --jump REJECT", - ip_iface); - nm_utils_share_rules_add_rule_v( - share_rules, - "filter", - "INPUT --in-interface %s --protocol udp --destination-port 67 --jump ACCEPT", - ip_iface); - nm_utils_share_rules_add_rule_v( - share_rules, - "filter", - "INPUT --in-interface %s --protocol tcp --destination-port 67 --jump ACCEPT", - ip_iface); - nm_utils_share_rules_add_rule_v( - share_rules, - "filter", - "INPUT --in-interface %s --protocol udp --destination-port 53 --jump ACCEPT", - ip_iface); - nm_utils_share_rules_add_rule_v( - share_rules, - "filter", - "INPUT --in-interface %s --protocol tcp --destination-port 53 --jump ACCEPT", - ip_iface); + nm_utils_share_rules_add_all_rules(share_rules, ip_iface, ip4_addr->address, ip4_addr->plen); nm_utils_share_rules_apply(share_rules, TRUE); |