jablonka.czprosek.czf

freenet-router

Subversion Repositories:
[/] [trunk/] [freenet-router/] [etc/] [firewall/] [nat] - Blame information for rev 2

 

Line No. Rev Author Line
12simandl#! /bin/bash
2# Firewall nove generace pro Czela Debian 3.0
3# Autor: Mirek Slugen
4# Spoluatori: Michal Perlik, Michal Vondracek, Jan Chmelensky
5# Vytvoreno: 06.11.2006
6# Naposledy zmeneno: 11.1.2009
7# Tento skript muzete volne sirit a upravovat.
8#
9# TODO: Dodelat nat typu tree, ktery potrebuje zjednoduseni, vycisteni kodu a testovani!!!
10#
11 
12# prevede /X na xxx.xxx.xxx.xxx
13convert_net_to_mask() {
14 if let $(((32-$1) > 0)); then
15 M4=$(((255 << (32-$1)) & 255))
16 else
17 M4=255
18 fi
19 if let $(((24-$1) > 0)); then
20 M3=$(((255 << (24-$1)) & 255))
21 else
22 M3=255
23 fi
24 if let $(((16-$1) > 0)); then
25 M2=$(((255 << (16-$1)) & 255))
26 else
27 M2=255
28 fi
29 if let $(((8-$1) > 0)); then
30 M1=$(((255 << (8-$1)) & 255))
31 else
32 M1=255
33 fi
34}
35 
36# prevede napriklad 10.93.55.125/24 na 10.93.55.0/24
37convert_ip_to_network() {
38 IP_POM=($(tr '/' ' ' <<< "$1"))
39 BC=${IP_POM[1]}
40 IP_POM=($(tr '.' ' ' <<< "${IP_POM[0]}"))
41 BCN="$(($BC - 1))"
42 convert_net_to_mask "$BCN"
43}
44 
45# implementace natu
46nat() {
47 # Tady zacina nat 1:1
48 echo -n "Starting NAT 1:1..."
49 
50 # Kontrola na neexistujici konfiguracni soubor
51 if [ ! -e $NAT_CONFIG ] && [ "$NAT_TYPE" != "tree" ]; then
52 echo "error, $NAT_CONFIG does not exist!"
53 return 0
54 fi
55 
56 [ "$DUMMY_IFACE" == "" ] && DUMMY_IFACE="dummy0"
57 [ "$DUMMY_IP" == "" ] && DUMMY_IP="`$IP addr show $DUMMY_IFACE | grep inet | grep -v inet6 | awk '{print \$2}' | cut -d \"/\" -f1`"
58 
59 if [ "$NAT_TYPE" == "tree" ]; then
60 # Zakladni cast celkem peti stromu
61 rm -rf $TMP
62 mkdir -p $TMP
63 # raw
64 echo "*raw" >> "$TMP/table_raw"
65 echo ":PREROUTING ACCEPT" >> "$TMP/table_raw"
66 echo ":OUTPUT ACCEPT" >> "$TMP/table_raw"
67 # nat
68 echo "*nat" >> "$TMP/table_nat2"
69 echo ":PREROUTING ACCEPT" >> "$TMP/table_nat2"
70 echo ":POSTROUTING ACCEPT" >> "$TMP/table_nat2"
71 echo ":OUTPUT ACCEPT" >> "$TMP/table_nat2"
72 # mangle
73 echo "*mangle" >> "$TMP/table_mangle"
74 echo ":PREROUTING ACCEPT" >> "$TMP/table_mangle"
75 echo ":INPUT ACCEPT" >> "$TMP/table_mangle"
76 echo ":FORWARD ACCEPT" >> "$TMP/table_mangle"
77 echo ":OUTPUT ACCEPT" >> "$TMP/table_mangle"
78 echo ":POSTROUTING ACCEPT" >> "$TMP/table_mangle"
79 # filter
80 echo "*filter" >> "$TMP/table_fwd2"
81 echo ":INPUT ACCEPT" >> "$TMP/table_fwd2"
82 echo ":FORWARD ACCEPT" >> "$TMP/table_fwd2"
83 echo ":OUTPUT ACCEPT" >> "$TMP/table_fwd2"
84 IP_POM=""
85 M1=""
86 M2=""
87 M3=""
88 M4=""
89 BC=""
90 BCN=""
91 # vytvorime zakladni chainy
92 convert_net_to_mask "`echo $INTERNAL_IP | cut -d/ -f2`"
93 INTERNAL_IP2="`echo $INTERNAL_IP | cut -d/ -f1`/$M1.$M2.$M3.$M4"
94 convert_net_to_mask "`echo $EXTERNAL_IP | cut -d/ -f2`"
95 EXTERNAL_IP2="`echo $EXTERNAL_IP | cut -d/ -f1`/$M1.$M2.$M3.$M4"
96 echo ":chain_fwd - [0:0]" >> "$TMP/table_fwd"
97 echo "-A FORWARD -s $INTERNAL_IP2 -i $NAT_DEV -j chain_fwd" >> "$TMP/table_fwd"
98 echo ":chain_pre - [0:0]" >> "$TMP/table_nat"
99 echo "-A PREROUTING -d $EXTERNAL_IP2 -i $NAT_DEV -j chain_pre" >> "$TMP/table_nat"
100 echo ":chain_pre_2 - [0:0]" >> "$TMP/table_nat"
101 echo "-A PREROUTING -s $INTERNAL_IP2 -d $EXTERNAL_IP2 ! -i $NAT_DEV -j chain_pre_2" >> "$TMP/table_nat"
102 echo ":chain_post - [0:0]" >> "$TMP/table_nat"
103 echo "-A POSTROUTING -s $INTERNAL_IP2 -o $NAT_DEV -j chain_post" >> "$TMP/table_nat"
104 echo ":chain_post_2 - [0:0]" >> "$TMP/table_nat"
105 echo "-A POSTROUTING -s $INTERNAL_IP2 -d $INTERNAL_IP2 ! -o $NAT_DEV -j chain_post_2" >> "$TMP/table_nat"
106 fi
107 
108 echo ""
109 # Ne vsude pouzivame jednotnou syntaxi
110 while read UserName PublicIP PrivateIP; do # standardni v Czela Debianu, podle me nejlepsi! :)
111 if [ "`echo $UserName | cut -c1`" == "#" ]; then
112 # Prazdne radky preskocime, jen neprazdne radky povazujeme za uzivatele, tj. oznamime je jako zakomentovane
113 if [ "`echo $UserName | cut -c2`" != " " ] && [ "`echo $UserName | cut -c2`" != "" ] && [ "`echo $UserName | cut -c2`" != "#" ]; then
114 echo " $UserName commented"
115 fi
116 else
117 echo " $UserName ($PrivateIP -> $PublicIP)"
118 for LOCAL_IP in $PrivateIP; do
119 PORT_TYPE=""
120 PUBLIC_PORT=""
121 PRIVATE_PORT=""
122 # rozdeleni na porty
123 if [ "`echo $LOCAL_IP | grep :`" != "" ]; then
124 PORT_TYPE="`echo $LOCAL_IP | cut -d: -f2`"
125 PUBLIC_PORT="`echo $LOCAL_IP | cut -d: -f3`"
126 PRIVATE_PORT="`echo $LOCAL_IP | cut -d: -f4`"
127 fi
128 # local ip musi byt jako posledni!
129 LOCAL_IP="`echo $LOCAL_IP | cut -d: -f1`"
130 if [ "`echo $PUBLIC_PORT | grep -`" != "" ]; then
131 PUBLIC_PORT="`echo $PUBLIC_PORT | cut -d- -f1`:`echo $PUBLIC_PORT | cut -d- -f2`"
132 fi
133 
134 if [ "$NAT_TYPE" == "tree" ]; then
135 LOCAL_IP3=""
136 if [ "`echo $LOCAL_IP | grep /`" == "" ]; then
137 LOCAL_IP2="$LOCAL_IP"
138 LOCAL_IP=$LOCAL_IP/32
139 else
140 LOCAL_POM3="`echo $LOCAL_IP | cut -d/ -f2`"
141 if [ "$LOCAL_POM3" != "32" ]; then
142 convert_net_to_mask "$LOCAL_POM3"
143 LOCAL_IP2="`echo $LOCAL_IP | cut -d/ -f1`/$M1.$M2.$M3.$M4"
144 # pokud dostaneme zadany rozsah, pak natujeme na prvni adresu z daneho rozsahu
145 #LOCAL_IP3="`echo $LOCAL_IP | cut -d. -f1`.`echo $LOCAL_IP | cut -d. -f2`.`echo $LOCAL_IP | cut -d. -f3`.$((`echo $LOCAL_IP | cut -d. -f4 | cut -d/ -f1` + 1))"
146 LOCAL_IP3="`echo $LOCAL_IP | cut -d/ -f1`"
147 else
148 LOCAL_IP2="`echo $LOCAL_IP | cut -d/ -f1`"
149 fi
150 fi
151 if [ "`echo $PublicIP | grep /`" == "" ]; then
152 PublicIP2="$PublicIP"
153 PublicIP="${PublicIP}/32"
154 else
155 if [ "`echo $PublicIP | cut -d/ -f2`" != "32" ]; then
156 echo "Verejna adresa pro $UserName je zadana spatne!"
157 else
158 PublicIP2="`echo $PublicIP | cut -d/ -f1`"
159 fi
160 fi
161 # Tato cast je opet pro generovani stromu
162 # tam kde je rozdeleni podle INTERNAL_IP
163 # chain_post
164 I="0"
165 J="$((`echo $LOCAL_IP | cut -d/ -f2` - `echo $INTERNAL_IP | cut -d/ -f2`))"
166 IP_POM="$LOCAL_IP"
167 CHAINS_POST=""
168 CHAINS_POST_2=""
169 CHAINS_FWD=""
170 IP_POMS=""
171 while [ $I -lt $J ]; do
172 convert_ip_to_network "$IP_POM"
173 CHAIN="${IP_POM[0]}${IP_POM[1]}${IP_POM[2]}${IP_POM[3]}_$BC"
174 if [ "$I" == "0" ]; then
175 LOCAL_POM="$CHAIN"
176 fi
177 CHAIN_POST="chain_post_$CHAIN"
178 CHAIN_POST_2="chain_post_2_$CHAIN"
179 CHAIN_FWD="chain_fwd_$CHAIN"
180 echo ":$CHAIN_POST - [0:0]" >> "$TMP/table_nat"
181 echo ":$CHAIN_POST_2 - [0:0]" >> "$TMP/table_nat"
182 echo ":$CHAIN_FWD - [0:0]" >> "$TMP/table_fwd"
183 IP_POMS="${IP_POM[0]}.${IP_POM[1]}.${IP_POM[2]}.${IP_POM[3]}/$BC $IP_POMS"
184 CHAINS_POST="$CHAIN_POST $CHAINS_POST"
185 CHAINS_POST_2="$CHAIN_POST_2 $CHAINS_POST_2"
186 CHAINS_FWD="$CHAIN_FWD $CHAINS_FWD"
187 IP_POM="$((${IP_POM[0]} & $M1)).$((${IP_POM[1]} & $M2)).$((${IP_POM[2]} & $M3)).$((${IP_POM[3]} & $M4))/$BCN"
188 ((I++))
189 done
190 CHAINS_POST="chain_post $CHAINS_POST"
191 CHAINS_POST_2="chain_post_2 $CHAINS_POST_2"
192 CHAINS_FWD="chain_fwd $CHAINS_FWD"
193 I="1"
194 for IP_POM in $IP_POMS; do
195 CHAIN_POST="`echo $CHAINS_POST | cut -d \" \" -f $I`"
196 CHAIN_POST_2="`echo $CHAINS_POST_2 | cut -d \" \" -f $I`"
197 CHAIN_FWD="`echo $CHAINS_FWD | cut -d \" \" -f $I`"
198 CHAIND_POST="`echo $CHAINS_POST | cut -d \" \" -f $(($I + 1))`"
199 CHAIND_POST_2="`echo $CHAINS_POST_2 | cut -d \" \" -f $(($I + 1))`"
200 CHAIND_FWD="`echo $CHAINS_FWD | cut -d \" \" -f $(($I + 1))`"
201 if [ "`echo $IP_POM | cut -d/ -f2`" != "32" ]; then
202 convert_net_to_mask "`echo $IP_POM | cut -d/ -f2`"
203 IP_POM="`echo $IP_POM | cut -d/ -f1`/$M1.$M2.$M3.$M4"
204 else
205 IP_POM="`echo $IP_POM | cut -d/ -f1`"
206 fi
207 echo "-A $CHAIN_POST -s $IP_POM -j $CHAIND_POST" >> "$TMP/table_nat"
208 echo "-A $CHAIN_POST_2 -d $IP_POM -j $CHAIND_POST_2" >> "$TMP/table_nat"
209 echo "-A $CHAIN_FWD -d $IP_POM -j $CHAIND_FWD" >> "$TMP/table_fwd"
210 ((I++))
211 done
212 # pro ty kde je rozdeleni podle EXTERNAL_IP
213 # chain_pre
214 I="0"
215 J="$((`echo $PublicIP | cut -d/ -f2` - `echo $EXTERNAL_IP | cut -d/ -f2`))"
216 IP_POM="$PublicIP"
217 CHAINS_PRE=""
218 CHAINS_PRE_2=""
219 IP_POMS=""
220 while [ $I -lt $J ]; do
221 convert_ip_to_network "$IP_POM"
222 CHAIN="${IP_POM[0]}${IP_POM[1]}${IP_POM[2]}${IP_POM[3]}_$BC"
223 if [ "$I" == "0" ]; then
224 PUBLIC_POM="$CHAIN"
225 fi
226 CHAIN_PRE="chain_pre_$CHAIN"
227 CHAIN_PRE_2="chain_pre_2_$CHAIN"
228 echo ":$CHAIN_PRE - [0:0]" >> "$TMP/table_nat"
229 echo ":$CHAIN_PRE_2 - [0:0]" >> "$TMP/table_nat"
230 IP_POMS="${IP_POM[0]}.${IP_POM[1]}.${IP_POM[2]}.${IP_POM[3]}/$BC $IP_POMS"
231 CHAINS_PRE="$CHAIN_PRE $CHAINS_PRE"
232 CHAINS_PRE_2="$CHAIN_PRE_2 $CHAINS_PRE_2"
233 IP_POM="$((${IP_POM[0]} & $M1)).$((${IP_POM[1]} & $M2)).$((${IP_POM[2]} & $M3)).$((${IP_POM[3]} & $M4))/$BCN"
234 ((I++))
235 done
236 CHAINS_PRE="chain_pre $CHAINS_PRE"
237 CHAINS_PRE_2="chain_pre_2 $CHAINS_PRE_2"
238 I="1"
239 for IP_POM in $IP_POMS; do
240 CHAIN_PRE="`echo $CHAINS_PRE | cut -d \" \" -f $I`"
241 CHAIN_PRE_2="`echo $CHAINS_PRE_2 | cut -d \" \" -f $I`"
242 CHAIND_PRE="`echo $CHAINS_PRE | cut -d \" \" -f $(($I + 1))`"
243 CHAIND_PRE_2="`echo $CHAINS_PRE_2 | cut -d \" \" -f $(($I + 1))`"
244 if [ "`echo $IP_POM | cut -d/ -f2`" != "32" ]; then
245 convert_net_to_mask "`echo $IP_POM | cut -d/ -f2`"
246 IP_POM="`echo $IP_POM | cut -d/ -f1`/$M1.$M2.$M3.$M4"
247 else
248 IP_POM="`echo $IP_POM | cut -d/ -f1`"
249 fi
250 echo "-A $CHAIN_PRE -d $IP_POM -j $CHAIND_PRE" >> "$TMP/table_nat"
251 echo "-A $CHAIN_PRE_2 -d $IP_POM -j $CHAIND_PRE_2" >> "$TMP/table_nat"
252 ((I++))
253 done
254 # no a strom je za nami
255 # nat 1:1
256 if [ "$PUBLIC_PORT" == "" ]; then
257 # Pokud je vice zaznamu na jednu verejnou ip adresu, pak bude plnohodnotna verejna jen ta prvni (jeste se to da zoptimalizovat o cca 15 vterin pro 1500 zaznamu)
258 if [ "`cat $TMP/table_nat | grep \"chain_pre_$PUBLIC_POM\" | grep DNAT | grep -v \"dport\" | cut -d \" \" -f 4`" != "$PublicIP2" ]; then
259 if [ "$LOCAL_IP3" != "" ]; then
260 echo "-A chain_pre_$PUBLIC_POM -d $PublicIP2 -j DNAT --to-destination $LOCAL_IP3" >> "$TMP/table_nat"
261 echo "-A chain_pre_2_$PUBLIC_POM -d $PublicIP2 -j DNAT --to-destination $LOCAL_IP3" >> "$TMP/table_nat"
262 echo "-A chain_post_2_$LOCAL_POM -d $LOCAL_IP3 -j SNAT --to-source $DUMMY_IP" >> "$TMP/table_nat"
263 else
264 echo "-A chain_pre_$PUBLIC_POM -d $PublicIP2 -j DNAT --to-destination $LOCAL_IP2" >> "$TMP/table_nat"
265 echo "-A chain_pre_2_$PUBLIC_POM -d $PublicIP2 -j DNAT --to-destination $LOCAL_IP2" >> "$TMP/table_nat"
266 echo "-A chain_post_2_$LOCAL_POM -d $LOCAL_IP2 -j SNAT --to-source $DUMMY_IP" >> "$TMP/table_nat"
267 fi
268 fi
269 # Pokud je vice zaznamu na jednu vnitrni ip adresu, pak zahlasime chybu, radeji otevirame fwd, ktery je kratsi! (totot jeste taky jde zoptimalizovat o cca 10 vterin pro 1500 zaznamu)
270 if [ "`cat $TMP/table_fwd | grep \"chain_fwd_$LOCAL_POM\" | grep ACCEPT | grep -v \"dport\" | cut -d \" \" -f 4`" != "$LOCAL_IP2" ]; then
271 echo "-A chain_post_"$LOCAL_POM" -s $LOCAL_IP2 -j SNAT --to-source $PublicIP2" >> "$TMP/table_nat"
272 echo "-A chain_fwd_$LOCAL_POM -d $LOCAL_IP2 -j ACCEPT" >> "$TMP/table_fwd"
273 else
274 echo "Chyba, zaznam pro lokalni adresu uz existuje!"
275 fi
276 elif [ "$PRIVATE_PORT" == "" ]; then
277 # Zatim neni jasne jestli porty funguji spravne!!!
278 # Ohlidani spravnosti je tu dost narocne, to proste musi byt spravne!
279 echo "-A chain_pre_$PUBLIC_POM -d $PublicIP2 -p $PORT_TYPE -m $PORT_TYPE --dport $PUBLIC_PORT -j DNAT --to-destination $LOCAL_IP2" >> "$TMP/table_nat"
280 echo "-A chain_post_"$LOCAL_POM" -s $LOCAL_IP2 -j SNAT --to-source $PublicIP2" >> "$TMP/table_nat"
281 echo "-A chain_fwd_$LOCAL_POM -d $LOCAL_IP2 -p $PORT_TYPE -m $PORT_TYPE --dport $PUBLIC_PORT -j ACCEPT" >> "$TMP/table_fwd"
282 echo "-A chain_pre_2_$PUBLIC_POM -d $PublicIP2 -j DNAT --to-destination $LOCAL_IP2" >> "$TMP/table_nat"
283 echo "-A chain_post_2_$LOCAL_POM -d $LOCAL_IP2 -j SNAT --to-source $DUMMY_IP" >> "$TMP/table_nat"
284 else
285 # Ohlidani spravnosti je tu dost narocne, to proste musi byt spravne!
286 echo "-A chain_pre_$PUBLIC_POM -d $PublicIP2 -p $PORT_TYPE -m $PORT_TYPE --dport $PUBLIC_PORT -j DNAT --to-destination $LOCAL_IP2:$PRIVATE_PORT" >> "$TMP/table_nat"
287 echo "-A chain_post_"$LOCAL_POM" -s $LOCAL_IP2 -j SNAT --to-source $PublicIP2" >> "$TMP/table_nat"
288 echo "-A chain_fwd_$LOCAL_POM -d $LOCAL_IP2 -p $PORT_TYPE -m $PORT_TYPE --dport $PRIVATE_PORT -j ACCEPT" >> "$TMP/table_fwd"
289 echo "-A chain_pre_2_$PUBLIC_POM -d $PublicIP2 -p $PORT_TYPE -m $PORT_TYPE --dport $PUBLIC_PORT -j DNAT --to-destination $LOCAL_IP2:$PRIVATE_PORT" >> "$TMP/table_nat"
290 echo "-A chain_post_2_$LOCAL_POM -d $LOCAL_IP2 -p $PORT_TYPE -m $PORT_TYPE --dport $PRIVATE_PORT -j SNAT --to-source $DUMMY_IP" >> "$TMP/table_nat"
291 fi
292 else
293#echo $PublicIP $LOCAL_IP
294 # zakladni nat 1:1 - originalni verze
295 if [ "$PUBLIC_PORT" == "" ]; then
296 $IPTABLES -t nat -I PREROUTING -d $PublicIP -j DNAT --to $LOCAL_IP
297 $IPTABLES -t nat -I POSTROUTING -o $NAT_DEV -s $LOCAL_IP -j SNAT --to $PublicIP
298 $IPTABLES -I FORWARD -i $NAT_DEV -d $LOCAL_IP -j ACCEPT
299 elif [ "$PRIVATE_PORT" == "" ]; then
300 $IPTABLES -t nat -I PREROUTING -d $PublicIP -p $PORT_TYPE --dport $PUBLIC_PORT -j DNAT --to $LOCAL_IP
301 $IPTABLES -t nat -I POSTROUTING -o $NAT_DEV -s $LOCAL_IP -j SNAT --to $PublicIP
302 $IPTABLES -I FORWARD -i $NAT_DEV -d $LOCAL_IP -p $PORT_TYPE --dport $PUBLIC_PORT -j ACCEPT
303 else
304 $IPTABLES -t nat -I PREROUTING -d $PublicIP -p $PORT_TYPE --dport $PUBLIC_PORT -j DNAT --to $LOCAL_IP:$PRIVATE_PORT
305 $IPTABLES -t nat -I POSTROUTING -o $NAT_DEV -s $LOCAL_IP -j SNAT --to $PublicIP
306 $IPTABLES -I FORWARD -i $NAT_DEV -d $LOCAL_IP -p $PORT_TYPE --dport $PRIVATE_PORT -j ACCEPT
307 fi
308 # Zaroven by bylo pekne zevnitr site na svou verejnou ip pingnout,
309 # pro tohle je idealne nutne mit dummy, dalsi moznost je nastavit
310 # DUMMY_IFACE na jedno z rozhrani LAN, kde se neprovadi nat.
311 if [ "$DUMMY_IP" != "" ]; then
312 if [ "$PUBLIC_PORT" == "" ]; then
313 $IPTABLES -t nat -I PREROUTING ! -i $NAT_DEV -s $INTERNAL_IP -d $PublicIP -j DNAT --to $LOCAL_IP
314 $IPTABLES -t nat -I POSTROUTING ! -o $NAT_DEV -s $INTERNAL_IP -d $LOCAL_IP -j SNAT --to $DUMMY_IP
315 elif [ "$PRIVATE_PORT" == "" ]; then
316 $IPTABLES -t nat -I PREROUTING ! -i $NAT_DEV -s $INTERNAL_IP -d $PublicIP -p $PORT_TYPE --dport $PUBLIC_PORT -j DNAT --to $LOCAL_IP
317 $IPTABLES -t nat -I POSTROUTING ! -o $NAT_DEV -s $INTERNAL_IP -d $LOCAL_IP -p $PORT_TYPE --dport $PUBLIC_PORT -j SNAT --to $DUMMY_IP
318 else
319 $IPTABLES -t nat -I PREROUTING ! -i $NAT_DEV -s $INTERNAL_IP -d $PublicIP -p $PORT_TYPE --dport $PUBLIC_PORT -j DNAT --to $LOCAL_IP:$PRIVATE_PORT
320 $IPTABLES -t nat -I POSTROUTING ! -o $NAT_DEV -s $INTERNAL_IP -d $LOCAL_IP -p $PORT_TYPE --dport $PRIVATE_PORT -j SNAT --to $DUMMY_IP
321 fi
322 fi
323 fi
324 done
325 fi
326 done < $NAT_CONFIG
327 
328 # V pripade typu natu "tree", musime spojit soubory do jedine tabulky
329 if [ "$NAT_TYPE" == "tree" ]; then
330 cat $TMP/table_nat | sort -k 2.1 | uniq >> $TMP/table_nat2
331 cat $TMP/table_fwd | sort -k 2.1 | uniq >> $TMP/table_fwd2
332 cat "$TMP/table_raw" >> "$TMP/table"
333 echo "COMMIT" >> "$TMP/table"
334 cat "$TMP/table_nat2" >> "$TMP/table"
335 echo "COMMIT" >> "$TMP/table"
336 cat "$TMP/table_mangle" >> "$TMP/table"
337 echo "COMMIT" >> "$TMP/table"
338 cat "$TMP/table_fwd2" >> "$TMP/table"
339 echo "COMMIT" >> "$TMP/table"
340 echo "done."
341 fi
342}

Powered by WebSVN 2.2.1