X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/blobdiff_plain/d21c8fa90dc31cc1f552de6fd3c22d1cefa1d15d..1b1012475aa2ffe55ac358220c15c970cb49df4a:/precision.m4

diff --git a/precision.m4 b/precision.m4
index 598a990..2a07763 100644
--- a/precision.m4
+++ b/precision.m4
@@ -36,5 +36,17 @@ allowservices inbound udp \
 dnsresolver inbound
 dnsserver inbound
 
+## Nefarious VPN NAT hack.
+for i in PREROUTING OUTPUT POSTROUTING; do
+  run iptables -t nat -P $i ACCEPT 2>/dev/null || :
+  run iptables -t nat -F $i 2>/dev/null || :
+done
+run iptables -t nat -F
+run iptables -t nat -X
+makeset vpn-nat hash:net family inet
+run iptables -t nat -A POSTROUTING -o eth0 \
+	-m set --match-set vpn-nat dst \
+	-j SNAT --to-source 212.13.198.70
+
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------