pablopc

Iptables NAT Forward Rules

Feb 18th, 2022 (edited)
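  #!/bin/bash
  # Configure iptables NAT rules so that this host acts as a router for the
  # LAN subnet.
  #
  # Must be run as root. Nothing here is persistent: the rules and the
  # ip_forward setting live only in the running kernel.

  set -u

  # VARIABLES
  WAN=enp0s3                # interface facing the upstream network
  LAN=enp0s8                # interface facing the internal network
  LAN_NET=192.168.128.0/24  # internal subnet that gets source-NATed
  IPT=/sbin/iptables

  if [ "$EUID" -ne 0 ]; then
    echo "Please run as root" >&2
    # Exit non-zero so callers can tell that nothing was configured.
    exit 1
  fi

  # Flush all rules and delete all user-defined chains in the filter, nat,
  # mangle and raw tables. -F/-X do not touch the built-in chain policies, and
  # this script never sets the filter-table policies, so whether the INPUT
  # ACCEPT rules below change anything depends on the policy already in place.
  for table in filter nat mangle raw; do
    "$IPT" -t "$table" -F
    "$IPT" -t "$table" -X
  done

  # Enable IPv4 forwarding in the running kernel.
  echo 1 > /proc/sys/net/ipv4/ip_forward
  "$IPT" -t nat -P POSTROUTING ACCEPT
  "$IPT" -t nat -P PREROUTING ACCEPT

  # Source-NAT traffic from the LAN subnet that leaves through the WAN
  # interface.
  "$IPT" -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN" -j MASQUERADE

  # LAN -> WAN: internal hosts may open connections outwards.
  "$IPT" -A FORWARD -i "$LAN" -o "$WAN" -j ACCEPT
  # WAN -> LAN: only packets that belong to a connection already tracked by
  # conntrack. An unconditional ACCEPT here would forward any packet arriving
  # on the WAN side towards the LAN; services that must be reachable from
  # outside should get their own explicit rules instead.
  "$IPT" -A FORWARD -i "$WAN" -o "$LAN" \
    -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

  # Accept return traffic for connections that are already established, so the
  # NEW-only SSH rule below still yields a working session when the INPUT
  # policy is DROP.
  "$IPT" -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
  # Allow connections to the LAN interface from its subnet.
  "$IPT" -A INPUT -i "$LAN" -j ACCEPT
  # Allow SSH from the Windows host machine to the WAN interface.
  # NOTE(review): this rule matches any source address on the WAN side; add
  # "-s <admin-host-address>" to limit it to the intended host.
  "$IPT" -A INPUT -i "$WAN" -p tcp -m conntrack --ctstate NEW --dport 22 -j ACCEPT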