2010-05-19 16:19:01 +02:00
|
|
|
#!/bin/sh
|
|
|
|
addrule()
|
|
|
|
{
|
2017-09-30 03:17:14 +02:00
|
|
|
if [ "$FIRSTONE" = yes ] ; then
|
2010-05-19 16:19:01 +02:00
|
|
|
FIRSTONE=no
|
2015-10-12 01:28:05 +02:00
|
|
|
RULE1="-A PR-QBS -d $NS1 -p udp --dport 53 -j DNAT --to $1
|
|
|
|
-A PR-QBS -d $NS1 -p tcp --dport 53 -j DNAT --to $1"
|
2017-03-19 22:56:34 +01:00
|
|
|
RULE2="-A PR-QBS -d $NS2 -p udp --dport 53 -j DNAT --to $1
|
|
|
|
-A PR-QBS -d $NS2 -p tcp --dport 53 -j DNAT --to $1"
|
2010-05-19 16:19:01 +02:00
|
|
|
else
|
2015-10-12 01:28:05 +02:00
|
|
|
RULE2="-A PR-QBS -d $NS2 -p udp --dport 53 -j DNAT --to $1
|
|
|
|
-A PR-QBS -d $NS2 -p tcp --dport 53 -j DNAT --to $1"
|
2010-05-19 16:19:01 +02:00
|
|
|
fi
|
|
|
|
}
|
|
|
|
export PATH=$PATH:/sbin:/bin
|
2017-09-30 03:17:14 +02:00
|
|
|
# shellcheck disable=SC1091
|
2014-09-26 19:56:12 +02:00
|
|
|
. /var/run/qubes/qubes-ns
|
2017-09-30 03:17:14 +02:00
|
|
|
if [ "X$NS1" = "X" ] ; then exit ; fi
|
2010-09-06 15:10:01 +02:00
|
|
|
iptables -t nat -F PR-QBS
|
2010-05-19 16:19:01 +02:00
|
|
|
FIRSTONE=yes
|
2012-01-30 13:41:41 +01:00
|
|
|
grep ^nameserver /etc/resolv.conf | grep -v ":.*:" | head -2 |
|
2010-06-04 13:44:18 +02:00
|
|
|
(
|
2017-09-30 03:17:14 +02:00
|
|
|
# shellcheck disable=SC2034
|
|
|
|
while read -r x y z ; do
|
2010-06-04 13:44:18 +02:00
|
|
|
addrule "$y"
|
|
|
|
done
|
2015-10-12 01:28:05 +02:00
|
|
|
(echo "*nat"; echo "$RULE1"; echo "$RULE2"; echo COMMIT) | iptables-restore -n
|
2010-06-04 13:44:18 +02:00
|
|
|
)
|
|
|
|
|