Little init file to set nat redirection with iptables

nat-iptables

#!/bin/sh

#network param
IP=94.23.251.96
elastic=10.0.0.1
test=10.0.0.2

#nat param 'VMip,source_port,destination_port'
rules_nat+=("$elastic,1021,22")
rules_nat+=("$elastic,9200,9200")
rules_nat+=("$test,1022,22")
rules_nat+=("$test,80,80")
rules_nat+=("$elastic,81,80")


#iptables param
chain_name=proxmox

function add_chain()
{
	iptables -t nat -N $chain_name
	iptables -t nat -A PREROUTING -i vmbr0 -p tcp -j $chain_name
}

function drop_chain()
{
	iptables -t nat -D PREROUTING -i vmbr0 -p tcp -j $chain_name
	iptables -t nat -F $chain_name
}


function add_nat_rules()
{
	for rule in ${rules_nat[@]}
	do
		A_rule=(${rule//,/ })
		ip=${A_rule[0]}
		source=${A_rule[1]}
		dest=${A_rule[2]}

		/sbin/iptables -t nat -A $chain_name -i vmbr0 -p tcp --dport $source -j DNAT --to $ip:$dest
	done
}

case "$1" in
start)	echo "Starting iptables NAT for openvz"

	#remplacer ip.de.votre_serveur.hote par l'ip de sortie
	/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o vmbr0 -j SNAT --to $IP
	drop_chain 2>/dev/null
	add_chain
	add_nat_rules
;;

stop)	echo "Stopping iptables NAT for openvz"
	/sbin/iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o vmbr0 -j SNAT --to $IP
	drop_chain
;;
reload) echo "Reload chain"
	drop_chain 2>/dev/null
	add_chain
	add_nat_rules
;;

*)	echo "Usage: /etc/init.d/$(basename $0) {start|stop|reload}"
exit 2
;;

esac
exit 0