examples/var_service/fw/run: allow extif's to be more than one iface

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

1 files changed, 12 insertions, 8 deletions

diff --git a/examples/var_service/fw/run b/examples/var_service/fw/run
index 41078d0ab..15c2b2f0a 100755
--- a/examples/var_service/fw/run
+++ b/examples/var_service/fw/run
@@ -179,7 +179,9 @@ ipt="iptables -t nat -A OUTPUT"
 #       OUTGOING TRAFFIC
 ipt="iptables -t nat -A POSTROUTING"
 # Masquerade boxes on my private net
-doit $ipt -s 192.168.0.0/24 -o $extif -j MASQUERADE
+for e in $extif; do
+        doit $ipt -s 192.168.0.0/24 -o $e -j MASQUERADE
+done
 
 #       *** mangle ***
 ### DEBUG
@@ -204,7 +206,9 @@ fi
 doit $ipt -p tcp -j REJECT      # Anything else isn't ok. REJECT = irc opens faster
                                 # (it probes proxy ports, DROP will incur timeout delays)
 ipt="iptables -t filter -A INPUT"
-doit $ipt -i $extif -j iext
+for e in $extif; do
+        doit $ipt -i $e -j iext
+done
 
 
 echo; echo "* Enabling forwarding"
@@ -222,12 +226,12 @@ echo; echo "* Routing:"
 ip r l
 echo; echo "* Firewall:"
 {
-echo '---FILTER--';
-iptables -v -L -x -n;
-echo '---NAT-----';
-iptables -t nat -v -L -x -n;
-echo '---MANGLE--';
-iptables -t mangle -v -L -x -n;
+echo '---FILTER--'
+iptables -v -L -x -n
+echo '---NAT-----'
+iptables -t nat -v -L -x -n
+echo '---MANGLE--'
+iptables -t mangle -v -L -x -n
 } \
 | grep -v '^$' | grep -Fv 'bytes target'
 echo