Untitled

#!/bin/bash
firewall_clean=0

display() { echo $var; }

open_port(){
/sbin/iptables -A FORWARD -i $EXTERNAL_INF -o $INTERNAL_INF -p tcp --syn --dport $var -m conntrack --ctstate NEW -j ACCEPT
/sbin/iptables -A FORWARD -i $EXTERNAL_INF -o $INTERNAL_INF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A FORWARD -i $INTERNAL_INF -o $EXTERNAL_INF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -t nat -A PREROUTING -i $EXTERNAL_INF -p tcp --dport $var -j DNAT --to-destination $INTERNAL_SERVER
/sbin/iptables -t nat -A POSTROUTING -o $EXTERNAL_INF -p tcp --dport $var -d $INTERNAL_SERVER -j SNAT --to-source $LOCAL_IP
}

clean_rules (){

/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -t nat -F
/sbin/iptables -t nat -X
/sbin/iptables -t mangle -F
/sbin/iptables -t mangle -X
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
firewall_clean=1
}

portcheck (){

echo "Working with port :$var"

if nc -w 1 -v $INTERNAL_SERVER $var </dev/null &>/dev/null
then
   echo "Success: Let's forward it"
   PORT=var
   if [ "$firewall_clean" -eq "1" ];
   then
	echo "We are ready to go"
   else
	echo "Lets clean older firewall rules"
        clean_rules
   fi
   open_port
else
   echo "Failed: This port is not open"
fi

}

if [ "$#" -le "4" ];
then
  echo "Invalid arguments:
       Usage: portforward INTERNAL_SERVER INTERNAL_INTERFACE EXTERNAL_INTERFACE LOCAL_IP < PORTS >
       For example:
       portforward 10.42.0.10 wlan0 eth0 10.42.0.1 80 443 5555
       "
  exit
fi

echo 1 | tee /proc/sys/net/ipv4/ip_forward

echo "#### local IP address to be exposed is :"

echo $1
INTERNAL_SERVER=$1

shift

INTERNAL_INF=$1

shift

EXTERNAL_INF=$1

shift

LOCAL_IP=$1

shift

if ping -c 1 $INTERNAL_SERVER &> /dev/null
then
   echo 'server is accessible'
else
   echo 'server is not up'
   exit
fi

echo "#### And list of port to be exposed is :"
for var in "$@"
do
	display
done

for var in "$@"
do
	portcheck
done