@rigomate
Last active December 13, 2024 08:12
Makes a NAT Forward rule from TCP port 443 to DEST_IP:443
#!/bin/bash
# delete_non_ufw_443.sh: removes every non-UFW rule in the FORWARD chain whose
# destination port is 443. Must run as root (the setup script invokes it via sudo).
# Note: it only touches the filter table's FORWARD chain; the nat PREROUTING and
# POSTROUTING rules added by the setup script are left in place.

# Create a random temporary file
TEMP_FILE=$(mktemp /tmp/forward_rules.XXXXXX)

# List all rules in the FORWARD chain with line numbers and keep the port-443 ones
# that were not created by ufw. The anchored pattern avoids matching e.g. dpt:4433.
iptables -L FORWARD -n --line-numbers | grep -E 'dpt:443([[:space:]]|$)' | grep -v "ufw" > "$TEMP_FILE"

# Check if any rules were found
if [[ ! -s "$TEMP_FILE" ]]; then
    echo "No non-UFW rules with destination port 443 found in the FORWARD chain."
    rm -f "$TEMP_FILE" # Clean up temporary file
    exit 0
fi

# Loop through the rules in reverse order so that deleting one rule does not
# shift the line numbers of the rules still to be deleted
while read -r line; do
    # Extract the rule number (first column)
    rule_number=$(echo "$line" | awk '{print $1}')
    # Delete the rule using the extracted line number
    echo "Deleting rule $rule_number: $line"
    iptables -D FORWARD "$rule_number"
done < <(tac "$TEMP_FILE")

# Clean up
rm -f "$TEMP_FILE"
echo "All non-UFW rules with destination port 443 have been deleted."
#!/bin/bash
# Tested on Debian 12
# This script checks from which IP the current user is connected (assuming an SSH connection).
# Connections from this IP to local TCP port 443 will be forwarded to DEST_IP:443.
# All other old FORWARD rules for port 443 will be deleted (be aware: all non-UFW
# iptables FORWARD rules for destination port 443 are deleted).
# Call this script without sudo, so it can check the actual connection of the user
# (otherwise it would check where root connected from).
# Forwarding also requires net.ipv4.ip_forward=1, which this script does not set.

DEST_IP="10.0.20.10"

# Define the username to check
USERNAME=$(whoami)

# Extract the lastlog entry for the user and retrieve the IP (the "From" column).
# Match the whole user name so that e.g. "bob" does not also match "bobby".
SOURCE_IP=$(lastlog | awk -v user="$USERNAME" '$1 == user {print $3}')

# Check if an IP was found
if [[ -n "$SOURCE_IP" ]]; then
    echo "Last SSH connection for user '$USERNAME' was from IP: $SOURCE_IP"
else
    echo "No lastlog entry found for user '$USERNAME'."
fi

# Validate the IP address format (IPv4 dotted quad; a host name, an empty value or
# lastlog's "**Never logged in**" text is rejected here)
if ! [[ "$SOURCE_IP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
    echo "Error: Invalid IP address format."
    exit 2
fi

# Delete all other 443 destination rules in the FORWARD chain.
# delete_non_ufw_443.sh (the first script above) must be executable and on the
# PATH that sudo uses (secure_path), or be called by its full path.
sudo delete_non_ufw_443.sh

# Apply iptables rules
echo "Adding NAT and forwarding rules for source IP: $SOURCE_IP"

# PREROUTING: Forward incoming TCP 443 to DEST_IP:443
# (-A appends, so repeated runs add a duplicate of this rule; the cleanup script does not remove it)
sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination "${DEST_IP}:443"

# POSTROUTING: Masquerade packets destined for DEST_IP:443 so replies return through this host
sudo iptables -t nat -A POSTROUTING -p tcp -d "${DEST_IP}" --dport 443 -j MASQUERADE

# FORWARD: Allow forwarded traffic only from the specified source IP; other sources
# fall through to the remaining FORWARD rules and the chain policy
sudo iptables -A FORWARD -p tcp -s "$SOURCE_IP" -d "${DEST_IP}" --dport 443 -j ACCEPT

echo "Rules applied successfully."
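A small audit helper for the state these two scripts leave behind, added here as an example and not part of the gist: it parses iptables-save style output (a constructed sample is embedded so it runs offline; the 203.0.113.x and 198.51.100.x addresses are documentation ranges, not real hosts) and reports which sources are still allowed to reach DEST_IP:443 and whether the nat PREROUTING DNAT rule has been duplicated by repeated runs of the setup script.

```shell
#!/bin/bash
# Added example: audit the rules the two gist scripts manage.
# On a real host feed the functions the output of: sudo iptables-save
# The rule text below is a constructed sample (documentation IP ranges).
SAMPLE_RULES='*nat
-A PREROUTING -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.0.20.10:443
-A PREROUTING -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.0.20.10:443
-A POSTROUTING -d 10.0.20.10/32 -p tcp -m tcp --dport 443 -j MASQUERADE
COMMIT
*filter
-A FORWARD -s 203.0.113.7/32 -d 10.0.20.10/32 -p tcp -m tcp --dport 443 -j ACCEPT
-A FORWARD -s 198.51.100.4/32 -d 10.0.20.10/32 -p tcp -m tcp --dport 443 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 4433 -j ACCEPT
COMMIT'

# Print one source address per line for every FORWARD ACCEPT rule on dport 443.
# More than one line means an earlier session's rule was not cleaned up.
# The trailing space after 443 keeps port 4433 from matching.
allowed_sources() {
    printf '%s\n' "$1" | awk '
        /^-A FORWARD / && /--dport 443 / && /-j ACCEPT/ {
            for (i = 1; i <= NF; i++) if ($i == "-s") print $(i + 1)
        }'
}

# Count distinct nat PREROUTING DNAT rules for port 443 that occur more than once.
# The setup script appends with -A and the cleanup script only touches FORWARD,
# so every re-run leaves one more identical DNAT rule behind.
duplicate_dnat_count() {
    printf '%s\n' "$1" | awk '
        /^-A PREROUTING / && /--dport 443 / && /-j DNAT/ { seen[$0]++ }
        END { n = 0; for (r in seen) if (seen[r] > 1) n++; print n }'
}

# Stand-alone report on the sample; replace SAMPLE_RULES with "$(sudo iptables-save)" on a host.
main() {
    echo "Sources allowed to reach DEST_IP:443:"
    allowed_sources "$SAMPLE_RULES"
    echo "Duplicated DNAT rules: $(duplicate_dnat_count "$SAMPLE_RULES")"
}
main
```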