Skip to content

Commit

Permalink
Support interfaces with name other than eth0
Browse files Browse the repository at this point in the history 
This fixes the iptables rule which only applies SNAT
if traffic gets out from eth0. In my case I also wanted
to apply SNAT for traffic going to internal bridge interface.
  • Loading branch information
@samos123
samos123 committed Jun 16, 2016
1 parent b6dae24 commit cf9ca69
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ service rsyslog start
sysctl -w net.ipv4.ip_forward=1

# configure firewall
iptables -t nat -A POSTROUTING -s 10.99.99.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.99.99.0/24 ! -d 10.99.99.0/24 -j MASQUERADE
iptables -A FORWARD -s 10.99.99.0/24 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356

exec "$@"

0 comments on commit cf9ca69

Please sign in to comment.