
Untitled

a guest
Aug 17th, 2017
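  #!/bin/sh
  #
  # Gateway firewall and NAT setup. The rules treat eth0 as the outside
  # interface and eth1 as the LAN side: default-deny on INPUT and FORWARD,
  # HTTP to this host, one RDP port-forward, and masquerading for LAN clients.

  PATH=/usr/sbin:/sbin:/bin:/usr/bin
  SHUTTLE=192.168.1.74
  # NOTE(review): a .0 address is normally the network address of a /24;
  # confirm this really is the RDP target's host address.
  KEVIN_PC=172.16.17.0

  # Delete all existing rules and user-defined chains.
  iptables -F
  iptables -t nat -F
  iptables -t mangle -F
  iptables -X

  # Flushing does not reset chain policies. Without an explicit default-deny
  # the ACCEPT rules below filter nothing whenever the policy is ACCEPT.
  iptables -P INPUT DROP
  iptables -P FORWARD DROP

  # Always accept loopback traffic.
  iptables -A INPUT -i lo -j ACCEPT

  # Allow established connections, and new ones not coming from the outside.
  # The negation goes before the option ("! -i eth0"); the older "-i ! eth0"
  # spelling is deprecated.
  iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT
  iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

  # Allow incoming connections for specified ports.
  # --dport is only valid together with a port-carrying protocol, so -p tcp is
  # required here; without it iptables rejects the rule.
  iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT

  # Allow port forwarding (RDP to the inside host).
  # "-p all" cannot be combined with --dport, so both rules name tcp.
  # This rule publishes RDP to every source that can reach $SHUTTLE on eth0;
  # narrow it with "-s <TRUSTED_SOURCE_RANGE>" where the clients are known.
  iptables -t nat -A PREROUTING -p tcp -i eth0 -d "$SHUTTLE" --dport 3389 \
    -j DNAT --to-destination "$KEVIN_PC:3389"
  iptables -A FORWARD -p tcp -d "$KEVIN_PC" --dport 3389 -j ACCEPT

  # Allow outgoing connections from the LAN side.
  iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

  # Masquerade.
  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

  # Don't forward from the outside to the inside.
  # The original matched "-i eth0 -o eth0", which never covers eth0 -> eth1.
  # Rejecting everything else that arrives on eth0 covers both directions;
  # the accepted RDP forward and established traffic are matched earlier.
  iptables -A FORWARD -i eth0 -j REJECT

  # Enable routing only after the ruleset is in place.
  echo 1 > /proc/sys/net/ipv4/ip_forward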