re-add dport POSTROUTING snat

2022-01-31 21:17:21 -06:00 · 2022-01-31 21:17:21 -06:00 · 9e257502c0
parent 80bafc9f10
commit 9e257502c0
3 changed files with 28 additions and 3 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1470,7 +1470,7 @@ checksum = "56770675ebc04927ded3e60633437841581c285dc6236109ea25fbf3beb7b59e"

 [[package]]
 name = "router"
-version = "0.1.0"
+version = "0.1.1"
 dependencies = [
 "anyhow",
 "async-fs",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "router"
-version = "0.1.0"
+version = "0.1.1"
 authors = ["asonix <asonix@asonix.dog>"]
 edition = "2018"
 build = "src/build.rs"
--- a/src/iptables.rs
+++ b/src/iptables.rs
@ -124,7 +124,7 @@ pub(crate) async fn forward_postrouting_snat(
    destination_ip: Ipv4Addr,
    func: impl Fn(&mut Command) -> &mut Command,
 ) -> Result<(), anyhow::Error> {
-    iptables_nat(move |cmd| {
+    iptables_nat(|cmd| {
        func(cmd).args(&[
            "POSTROUTING",
            "-s",
@ -147,6 +147,31 @@ pub(crate) async fn forward_postrouting_snat(
            &external_ip.to_string(),
        ])
    })
+    .await?;
+
+    iptables_nat(|cmd| {
+        func(cmd).args(&[
+            "POSTROUTING",
+            "-s",
+            &format!("{}/{}", internal_ip, internal_mask),
+            "-d",
+            &destination_ip.to_string(),
+            "-p",
+            proto.as_iptables_str(),
+            "-m",
+            proto.as_iptables_str(),
+            "--dport",
+            &internal_port.to_string(),
+            "-m",
+            "conntrack",
+            "--ctstate",
+            "NEW,RELATED,ESTABLISHED",
+            "-j",
+            "SNAT",
+            "--to-source",
+            &external_ip.to_string(),
+        ])
+    })
    .await
 }