Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- PATH=/usr/sbin:/sbin:/bin:/usr/bin
- SHUTTLE=192.168.1.74
- KEVIN_PC=172.16.17.0
- # Delete all existing rules
- iptables -F
- iptables -t nat -F
- iptables -t mangle -F
- iptables -X
- # Always accept loopback traffic
- iptables -A INPUT -i lo -j ACCEPT
- # Allow established connections, and those not coming from the outside
- iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT
- iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
- # Allow incoming connections for specified ports
- iptables -A INPUT -i eth0 --dport 80 -j ACCEPT
- # Allow port forwarding
- iptables -t nat -A PREROUTING -p all -i eth0 -d $SHUTTLE --dport 3389 -j DNAT --to $KEVIN_PC:3389
- iptables -A FORWARD -p all -d $KEVIN_PC --dport 3389 -j ACCEPT
- # Allow outgoing connections from the LAN side.
- iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
- # Masquerade.
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- # Don't forward from the outside to the inside.
- iptables -A FORWARD -i eth0 -o eth0 -j REJECT
- # Enable routing.
- echo 1 > /proc/sys/net/ipv4/ip_forward
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement