Created
March 9, 2012 14:52
-
-
Save smiler/2006835 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@eof:/root# cat do_nat.sh | |
| #!/bin/sh | |
| EXTIF="eth1" | |
| #route add -net 192.168.1.0/24 dev eth1 | |
| echo 1 > /proc/sys/net/ipv4/ip_forward | |
| iptables -F; iptables -t nat -F; iptables -t mangle -F | |
| iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE | |
| iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| #iptables -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT | |
| #iptables -P INPUT DROP | |
| #iptables -A FORWARD -i eth0 -o eth0 -j REJECT | |
| # TS | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 3389 -j DNAT --to 192.168.1.3:3389 | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 80 -j DNAT --to 192.168.1.102:80 | |
| #iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 80 -j DNAT --to 192.168.1.8:8080 | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 23 -j DNAT --to 192.168.1.10:22 | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 2121:2250 -j DNAT --to 192.168.1.10 | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 5432 -j DNAT --to 192.168.1.10:5432 | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 6667 -j DNAT --to 192.168.1.10:6667 | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 3690 -j DNAT --to 192.168.1.10:3690 | |
| # VNC to wintendo | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 5900:5910 -j DNAT --to 192.168.1.3 | |
| # HTPC mpd stream | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 8000 -j DNAT --to 192.168.1.8:8000 | |
| # active ftp | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 20000:21000 -j DNAT --to 192.168.1.3 | |
| # WoT torrent client | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 6881 -j DNAT --to 192.168.1.3 | |
| # blizzard downloader | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 6882:6999 -j DNAT --to 192.168.1.3 | |
| # uTorrent | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 6979 -j DNAT --to 192.168.1.3 | |
| # ffxiv | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 54992:55551 -j DNAT --to 192.168.1.3 | |
| iptables -t nat -A PREROUTING -p udp -i $EXTIF --dport 55296:55551 -j DNAT --to 192.168.1.3 | |
| # Magicka / steam | |
| iptables -t nat -A PREROUTING -p udp -i $EXTIF --dport 27000:27030 -j DNAT --to 192.168.1.3 | |
| iptables -t nat -A PREROUTING -p tcp -i $EXTIF --dport 27014:27050 -j DNAT --to 192.168.1.3 | |
| iptables -t nat -A PREROUTING -p udp -i $EXTIF --dport 8766 -j DNAT --to 192.168.1.3 | |
| iptables -t nat -A PREROUTING -p udp -i $EXTIF --dport 3659 -j DNAT --to 192.168.1.3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment