#!/bin/bash
# Shared state flag: stays 0 until clean_rules has run in this invocation,
# after which it is 1. portcheck reads it to decide whether the existing
# ruleset still has to be flushed before the first forward is installed.
firewall_clean=0
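#######################################
# Print the value of the global $var (the port being processed) on one line.
# Globals:   var (read)
# Outputs:   the value followed by a newline on stdout
# The expansion is quoted and printed with printf so that a command-line
# argument containing whitespace, glob characters or a leading "-" is shown
# verbatim instead of being word-split, expanded against the current
# directory, or taken as an echo option.
#######################################
display() {
  printf '%s\n' "$var"
}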
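#######################################
# Forward one TCP port from the external interface to the internal server.
# Appends five rules: a FORWARD accept for new SYN packets to the port,
# FORWARD accepts for ESTABLISHED,RELATED traffic in both directions, a DNAT
# rule in nat/PREROUTING and an SNAT rule in nat/POSTROUTING.
# Globals:   var, EXTERNAL_INF, INTERNAL_INF, INTERNAL_SERVER, LOCAL_IP (read)
# Returns:   0 when all five rules were appended; non-zero as soon as a
#            required value is empty or an iptables call fails.
#######################################
open_port() {
  local name

  # Refuse to touch the firewall with an empty value: every expansion below is
  # quoted, so an empty global would otherwise reach iptables as an empty
  # argument and leave a half-built rule set behind.
  for name in var EXTERNAL_INF INTERNAL_INF INTERNAL_SERVER LOCAL_IP; do
    if [[ -z "${!name}" ]]; then
      printf 'open_port: %s is empty, no rule added\n' "$name" >&2
      return 1
    fi
  done

  # All values come from the command line. Quoting keeps each one a single
  # iptables argument, so a value containing spaces cannot add extra options
  # to a rule. Stop at the first failure instead of installing a partial set.
  /sbin/iptables -A FORWARD -i "$EXTERNAL_INF" -o "$INTERNAL_INF" -p tcp --syn \
    --dport "$var" -m conntrack --ctstate NEW -j ACCEPT || return

  # These two rules do not depend on the port, so one copy is appended per
  # forwarded port.
  /sbin/iptables -A FORWARD -i "$EXTERNAL_INF" -o "$INTERNAL_INF" \
    -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT || return
  /sbin/iptables -A FORWARD -i "$INTERNAL_INF" -o "$EXTERNAL_INF" \
    -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT || return

  /sbin/iptables -t nat -A PREROUTING -i "$EXTERNAL_INF" -p tcp --dport "$var" \
    -j DNAT --to-destination "$INTERNAL_SERVER" || return

  # NOTE(review): this matches packets leaving through EXTERNAL_INF that are
  # addressed to INTERNAL_SERVER; after the DNAT above such packets would
  # presumably leave through INTERNAL_INF. Confirm the rule matches in the
  # intended topology.
  /sbin/iptables -t nat -A POSTROUTING -o "$EXTERNAL_INF" -p tcp --dport "$var" \
    -d "$INTERNAL_SERVER" -j SNAT --to-source "$LOCAL_IP" || return
}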
#######################################
# Reset the IPv4 firewall to an empty, allow-everything state.
# Flushes all rules and deletes user-defined chains in the filter, nat and
# mangle tables, then sets the INPUT, FORWARD and OUTPUT policies to ACCEPT.
# Globals:   firewall_clean (written, set to 1)
#
# Security note: every rule that existed before the call is discarded,
# whoever installed it, and nothing is saved for later restore. With all three
# policies set to ACCEPT the host filters nothing until new rules are added.
# Only these three iptables tables are touched.
#######################################
clean_rules() {
  local table op chain

  # filter table (the default when -t is omitted)
  /sbin/iptables -F
  /sbin/iptables -X

  for table in nat mangle; do
    for op in -F -X; do
      /sbin/iptables -t "$table" "$op"
    done
  done

  for chain in INPUT FORWARD OUTPUT; do
    /sbin/iptables -P "$chain" ACCEPT
  done

  firewall_clean=1
}
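#######################################
# Probe the port in $var on the internal server and forward it if it answers.
# Globals:   var, INTERNAL_SERVER, firewall_clean (read); PORT (written)
# Outputs:   progress messages on stdout
# Returns:   the status of open_port when the probe succeeds, otherwise the
#            status of the final echo.
#
# The first successful probe in a run calls clean_rules, which flushes the
# existing ruleset and sets the default policies to ACCEPT before any forward
# is added. A failed probe changes nothing. A missing nc binary is reported
# the same way as a closed port.
#######################################
portcheck() {
  echo "Working with port :$var"

  # Quoted so the host and port each reach nc as exactly one argument.
  if nc -w 1 -v "$INTERNAL_SERVER" "$var" </dev/null &>/dev/null; then
    echo "Success: Let's forward it"
    # The original assigned the literal string "var" here.
    PORT=$var
    if [[ "$firewall_clean" == 1 ]]; then
      echo "We are ready to go"
    else
      echo "Lets clean older firewall rules"
      clean_rules
    fi
    open_port
  else
    echo "Failed: This port is not open"
  fi
}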
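# Entry point. Needs four fixed arguments plus at least one port.
if [[ "$#" -le 4 ]]; then
  # Usage errors go to stderr and exit non-zero so callers can detect them.
  echo "Invalid arguments:
Usage: portforward INTERNAL_SERVER INTERNAL_INTERFACE EXTERNAL_INTERFACE LOCAL_IP < PORTS >
For example:
portforward 10.42.0.10 wlan0 eth0 10.42.0.1 80 443 5555
" >&2
  exit 2
fi

echo "#### local IP address to be exposed is :"
printf '%s\n' "$1"

# The four leading arguments become the globals read by open_port and
# portcheck. What remains in "$@" afterwards is the list of ports.
INTERNAL_SERVER=$1
shift
INTERNAL_INF=$1
shift
EXTERNAL_INF=$1
shift
LOCAL_IP=$1
shift

# Abort before changing any system state if the internal server does not
# answer a single echo request.
if ping -c 1 "$INTERNAL_SERVER" &>/dev/null; then
  echo 'server is accessible'
else
  echo 'server is not up' >&2
  exit 1
fi

# Enable IPv4 forwarding only after the checks above have passed, so that an
# aborted run does not leave forwarding switched on. The script never
# switches it back off.
if ! echo 1 >/proc/sys/net/ipv4/ip_forward; then
  echo 'cannot enable IPv4 forwarding' >&2
  exit 1
fi

echo "#### And list of port to be exposed is :"
for var in "$@"; do
  display
done

# Each port is probed on the internal server and forwarded only if it answers.
for var in "$@"; do
  portcheck
done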