Onion Pi IPTables

annonthatshit.sh

#!/bin/bash

# By Frank Danielson @ Bold Apps

IPS=(`ifconfig | grep "inet addr:" | awk -F: '{ print $2 }' | awk '{ print $1 }'`)
MASKS=(`ifconfig | grep "Mask:" | awk -F: '{ print $4 }'`)
BITS=()
i=0

mask2cidr() {
    nbits=0
    IFS=.
    for dec in $1 ; do
        case $dec in
            255) let nbits+=8;;
            254) let nbits+=7;;
            252) let nbits+=6;;
            248) let nbits+=5;;
            240) let nbits+=4;;
            224) let nbits+=3;;
            192) let nbits+=2;;
            128) let nbits+=1;;
            0);;
            *) echo "Error: $dec is not recognised"; exit 1
        esac
    done
    echo "$nbits"
}

for MASK in "${MASKS[@]}" ; do
    BITS[$i]=$(mask2cidr $MASK)
    i=$((i+1))
done
i=0

for IP in "${IPS[@]}" ; do
	if [[ $IP == 192.168.* ]] || [[ $IP == 172.16.* ]] || [[ $IP == 10.* ]] ; then
		iptables -A PREROUTING -t nat -i eth0.102 ! -s 127.0.0.1 -p tcp --dport 8118 -j DNAT --to 127.0.0.1:8118
		iptables -A POSTROUTING -t nat -o eth0.101 -s ${IP}/${BITS[$i]} -d 127.0.0.1 -j SNAT --to 127.0.0.1
		iptables -A FORWARD -s ${IP}/${BITS[$i]} -d 127.0.0.1 -i eth0.102 -o eth0.101 -p tcp --dport 8118 -j ACCEPT
	fi
    i=$((i+1))
done
printf "Done!~\n"
exit 0