Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- iptables -F
- iptables -t nat -F
- iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5555 -j REDIRECT --to-port 80
- iptables -A FORWARD -i eth0 -p tcp --dport 80 -j ACCEPT
- iptables -t nat -A POSTROUTING -o eth0 -p tcp --dport 80 -j MASQUERADE
- echo '1' | tee /proc/sys/net/ipv4/ip_forward
- ### VARIABLES ###
- internet=eth0
- lan=eth1
- local=192.168.0.0
- iptables=/sbin/iptables
- netmask=24
- tport=8080
- ### MASQUERADE LAN (share INTERNET with LAN) ###
- $iptables -t nat -A POSTROUTING -s $local/$netmask -o $internet -j MASQUERADE
- # Disables packet forwarding (NAT)
- echo 1 > /proc/sys/net/ipv4/ip_forward # default 0
- ### IPv6 RULES ###
- # disable IPv6 (optional)
- echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6 # default 0
- echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6 # default 0
- echo 1 > /proc/sys/net/ipv6/conf/lo/disable_ipv6 # default 0
- ### RULES REDIRECT TO TRANSPARENT PORT ###
- $iptables -t nat -A PREROUTING -s $local/$netmask -i $lan -p tcp --dport 80 -j REDIRECT --to-port $tport
- $iptables -A INPUT -s $local/$netmask -i $lan -p tcp --dport $tport -j ACCEPT
- $iptables -A FORWARD -s $local/$netmask -i $lan -p tcp --dport $tport -o $internet -j ACCEPT
- $iptables -A FORWARD -s $local/$netmask -i $lan -p tcp --dport 443 -o $internet -j ACCEPT
- http_port 8080 intercept
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
