smeserver-coova-chilli/contribs7/smeserver-coova-chilli-0.2-iptables_insert_position.patch

--- smeserver-coova-chilli-0.2/root/etc/chilli/conup.sh.iptables_insert_position        2010-07-19 17:44:27.000000000 +0200
+++ smeserver-coova-chilli-0.2/root/etc/chilli/conup.sh 2010-07-20 10:34:16.000000000 +0200
@@ -5,7 +5,10 @@
 
 if [[ $SQUID_STATUS == 'enabled' && $WEB_REQ == 'squid' ]]; then
        SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
-       /sbin/iptables -t nat -I PREROUTING_FROM_CHILLI 4 -s $2 \
+       # We need to insert rules just before the accept, so we'll have to compute this position
+       POSITION=$(LANG=C iptables -t nat -L PREROUTING_FROM_CHILLI -n | \
+               egrep -v '(Chain|target)' | grep -n ACCEPT | cut -d':' -f1)
+       /sbin/iptables -t nat -I PREROUTING_FROM_CHILLI $POSITION -s $2 \
                -p tcp --dport 80 -j DNAT --to $1:$SQUID_PORT 
         /sbin/iptables -I IN_FROM_CHILLI 7 -s $2 \
                 -p tcp --dport $SQUID_PORT --syn -j ACCEPT
1	vip-ire	1.1	--- smeserver-coova-chilli-0.2/root/etc/chilli/conup.sh.iptables_insert_position 2010-07-19 17:44:27.000000000 +0200
2			+++ smeserver-coova-chilli-0.2/root/etc/chilli/conup.sh 2010-07-20 10:34:16.000000000 +0200
3			@@ -5,7 +5,10 @@
4
5			if [[ $SQUID_STATUS == 'enabled' && $WEB_REQ == 'squid' ]]; then
6			SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
7			- /sbin/iptables -t nat -I PREROUTING_FROM_CHILLI 4 -s $2 \
8			+ # We need to insert rules just before the accept, so we'll have to compute this position
9			+ POSITION=$(LANG=C iptables -t nat -L PREROUTING_FROM_CHILLI -n \| \
10			+ egrep -v '(Chain\|target)' \| grep -n ACCEPT \| cut -d':' -f1)
11			+ /sbin/iptables -t nat -I PREROUTING_FROM_CHILLI $POSITION -s $2 \
12			-p tcp --dport 80 -j DNAT --to $1:$SQUID_PORT
13			/sbin/iptables -I IN_FROM_CHILLI 7 -s $2 \
14			-p tcp --dport $SQUID_PORT --syn -j ACCEPT