This file is indexed.

/etc/init.d/enable-nat is in debian-edu-config 1.702.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
#! /bin/sh
### BEGIN INIT INFO
# Provides:          enable-nat
# Required-Start:    $remote_fs
# Should-Start:      $network $syslog
# Required-Stop:     $remote_fs
# Should-Stop:       $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Enabling NAT for clients behind eth1
# Description:       Enabling Network Address Translation for clients
#                    sitting in the thin client network behind eth1
### END INIT INFO

IPTABLES=/sbin/iptables

NETWORK_TO_NAT=
OUTSIDE_IF=eth0

# Only enable by default if LTSP is installed
if [ -e /opt/ltsp ] ; then
    NETWORK_TO_NAT="192.168.0.0/24"
fi

. /lib/lsb/init-functions

if [ -f /etc/default/enable-nat ] ; then
    . /etc/default/enable-nat
fi

# Bail out if no iptables binary or no configuration
[ -x ${IPTABLES} -a "$NETWORK_TO_NAT" ] || exit 0

do_status() {
    $IPTABLES -L -t nat |grep -A3 POSTROUTING
}

is_enabled() {
    if do_status | grep -q "$NETWORK_TO_NAT" ; then
	true
    else
	false
    fi
}

do_start() {
    if is_enabled ; then
	log_action_msg "NAT for clients on network $NETWORK_TO_NAT already enabled"
    else
	log_action_begin_msg "Enabling NAT for clients on network $NETWORK_TO_NAT."
	$IPTABLES -t nat -A POSTROUTING -s $NETWORK_TO_NAT -o $OUTSIDE_IF -j MASQUERADE
	log_action_end_msg $?
    fi

    # Enable IP-forwarding if it isn't enabled already.
    if [ 0 = "`cat /proc/sys/net/ipv4/ip_forward`" ]; then
	log_action_begin_msg "Enabling IPv4 forwarding."
	echo 1 > /proc/sys/net/ipv4/ip_forward
	log_action_end_msg $?
    fi
}

do_stop() {
    if is_enabled ; then
	log_action_begin_msg "Disabling NAT for clients on network $NETWORK_TO_NAT."
	$IPTABLES -F -t nat
	log_action_end_msg $?
    else
	log_action_msg "NAT for clients on network $NETWORK_TO_NAT already disabled"
    fi
}

case "$1" in
    start)
        do_start
        ;;
    stop)
        do_stop
        ;;
    restart|force-reload)
        do_stop
        do_start
        ;;
    status)
        do_status
        ;;
    *)
        echo "Usage: $0 {start|stop|restart|force-reload|status}"
        exit 2
        ;;
esac
exit 0