From 47eea279ec50e1fbf5df4fe49e74d357079db1ee Mon Sep 17 00:00:00 2001
From: gyurix
Date: Sat, 12 Mar 2022 15:10:12 +0000
Subject: [PATCH] Inserting source postrouting rules
---
 firewall/firewall-add | 39 ++++++++++++++++++++++++++++-----------
 1 file changed, 28 insertions(+), 11 deletions(-)
diff --git a/firewall/firewall-add b/firewall/firewall-add
index 4d563af..f4bd28b 100755
--- a/firewall/firewall-add
+++ b/firewall/firewall-add
@@ -76,19 +76,36 @@ prerouting() {
 }
 postrouting() {
- LINES=$($IPTABLES -L --line-number -n | grep $COMMENT | grep $TARGET_IP | grep $TARGET_PORT | awk '{print $1}'| tac)
- debug "Previous postrouting lines: "$LINES
- # DELETE UNECESSARY LINES FROM PREVIOUS RULES
- if [ -n "$LINES" ] ; then
- for i in $LINES; do
- debug "$IPTABLES -D POSTROUTING $i"
- $IPTABLES -D POSTROUTING $i
- sleep 0.1
- done
- fi
+ if [ -n "$SOURCE_IP" ] ; then
+ LINES=$($IPTABLES -L --line-number -n | grep $COMMENT | grep $SOURCE_IP | grep $SOURCE_PORT | awk '{print $1}'| tac)
+ debug "Previous postrouting lines: "$LINES
- debug "$IPTABLES -I POSTROUTING -d $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j MASQUERADE"
+ # DELETE UNECESSARY LINES FROM PREVIOUS RULES
+ if [ -n "$LINES" ] ; then
+ for i in $LINES; do
+ debug "$IPTABLES -D POSTROUTING $i"
+ $IPTABLES -D POSTROUTING $i
+ sleep 0.1
+ done
+ fi
+
+ debug "$IPTABLES -I POSTROUTING -s $SOURCE_IP -p $PROTOCOL --dport $SOURCE_PORT -m comment --comment "$COMMENT" -j MASQUERADE"
+ $IPTABLES -I POSTROUTING -d $SOURCE_IP -p $PROTOCOL --dport $SOURCE_PORT -m comment --comment "$COMMENT" -j MASQUERADE
+
+ if [ -n "$TARGET_IP" ] ; then
+ LINES=$($IPTABLES -L --line-number -n | grep $COMMENT | grep $TARGET_IP | grep $TARGET_PORT | awk '{print $1}'| tac)
+ debug "Previous postrouting lines: "$LINES
+
+ # DELETE UNECESSARY LINES FROM PREVIOUS RULES
+ if [ -n "$LINES" ] ; then
+ for i in $LINES; do
+ debug "$IPTABLES -D POSTROUTING $i"
+ $IPTABLES -D POSTROUTING $i
+ sleep 0.1
+ done
+ fi
+ debug "$IPTABLES -I POSTROUTING -s $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j MASQUERADE"
 $IPTABLES -I POSTROUTING -d $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j MASQUERADE
 }
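Review bot: The two outer conditions added to postrouting(), `if [ -n "$SOURCE_IP" ] ; then` and `if [ -n "$TARGET_IP" ] ; then`, are never closed: the new side has four `if` but only two `fi` before the closing `}`, so as shown the script would fail to parse and install no rules at all. Each block needs its own `fi` after its insert, and the final `debug`/`$IPTABLES -I` pair for TARGET_IP presumably belongs inside the second block. The new debug lines also print `-s $SOURCE_IP` and `-s $TARGET_IP` while the commands that actually run use `-d`, so the log an operator audits does not describe the MASQUERADE rule that was inserted; going by the commit subject the source rule was probably meant to be `$IPTABLES -I POSTROUTING -s $SOURCE_IP ...`, which should be confirmed. Separately, the cleanup pipeline copied into the SOURCE_IP branch matches with unquoted regex `grep $SOURCE_IP | grep $SOURCE_PORT` over every chain that `$IPTABLES -L` prints, so a port such as 80 also matches 8080 and line numbers from other chains can reach `-D POSTROUTING`; listing only POSTROUTING and matching with `grep -Fw -- "$SOURCE_PORT"` would keep it from deleting unrelated rules.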