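#!/usr/bin/env bash
#
# Forward one TCP/UDP port from the host "jasmine" to this machine.
#
# Usage: <script> PORT        (must be run as root)
#
# Steps, in order:
#   1. Guarded by the marker file /tmp/ipeed ("once per startup"): add a
#      policy-routing rule sending packets marked 0x1 to table "vidya",
#      give that table a default route via 192.168.18.202, and enable
#      IPv4 forwarding on jasmine.
#   2. Mark locally generated packets whose source port is PORT with 0x1
#      (mangle/OUTPUT), unless such a rule is already listed.
#   3. Add DNAT rules on jasmine (nat/PREROUTING) that redirect PORT to
#      this machine's eth0 IPv4 address, unless already listed.
#
# PORT and the detected address are validated before use because both end
# up inside a command line that a root shell on jasmine interprets.

# Print a message on stderr and stop with a failing exit status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Run a command on jasmine as root. ssh joins its arguments with spaces and
# hands the result to the remote shell, so only validated values may be
# passed in. NOTE(review): presumably wisknort owns the SSH key that is
# authorised for root@jasmine; confirm.
on_jasmine() {
  sudo -u wisknort ssh root@jasmine "$@"
}

# The original used a bare `exit`, which reported success (echo's status)
# to the caller even though nothing had been done.
if [ "$(id -u)" -ne 0 ]; then
  die "This script must be run as root."
fi

[ "$#" -ge 1 ] || die "Usage: ${0##*/} PORT"
port=$1

# Accept only a decimal port number in 1..65535. Without this check a value
# containing spaces or shell metacharacters would add extra iptables
# arguments locally and extra commands in the root shell on jasmine.
if ! [[ $port =~ ^[0-9]{1,5}$ ]] || ((10#$port < 1 || 10#$port > 65535)); then
  die "Invalid port: expected an integer between 1 and 65535."
fi
port=$((10#$port)) # drop leading zeros so the listing comparisons below match
echo "port" "$port"

# IPv4 address of eth0; this is the DNAT target configured on jasmine.
host_ip=$(ip addr show eth0 |
  grep -Eo "inet [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" |
  grep -Eo "[^a-z ]+")

# Refuse an empty or multi-line result: it would otherwise be pasted
# verbatim into the remote command line.
ipv4_re='^[0-9]+(\.[0-9]+){3}$'
[[ $host_ip =~ $ipv4_re ]] ||
  die "Could not determine a single IPv4 address for eth0."

# Get the list of already forwarded ports and their target IPs.
# Each line of $remotes looks like "dpt:PORT to:IP", each line of $locals
# like "spt:PORT".
remotes=$(on_jasmine iptables -nt nat -L PREROUTING |
  grep -Eo 'dpt:[0-9]+ to:[0-9\.]+')
locals=$(iptables -nt mangle -L OUTPUT | grep -Eo 'spt:[0-9]+')

# Run once per startup.
# NOTE(review): /tmp is world-writable, so any local user can create this
# marker beforehand and silently suppress the setup below; a root-only
# location such as /run would be a safer place for it.
# NOTE(review): routing table "vidya" must already be defined (presumably
# in /etc/iproute2/rt_tables); confirm.
if [ ! -e /tmp/ipeed ]; then
  ip rule add fwmark 0x1 lookup vidya
  ip route add default via 192.168.18.202 table vidya
  on_jasmine sysctl -w net.ipv4.ip_forward=1
  touch /tmp/ipeed
fi

# Run once per port to forward.

# Local side. Whole-line fixed-string match (-Fx): the original substring
# grep treated port 80 as already present when only 8080 was listed.
if grep -Fxq "spt:$port" <<<"$locals"; then
  echo "local already forwarded"
else
  echo "sport" "$port"
  for proto in tcp udp; do
    iptables -t mangle -A OUTPUT -p "$proto" --sport "$port" \
      -j MARK --set-mark 0x1
  done
fi

# jasmine side. Whole-line fixed-string match again, so that 10.0.0.1 is
# not confused with 10.0.0.12 and the dots are not regex wildcards.
if grep -Fxq "dpt:$port to:$host_ip" <<<"$remotes"; then
  echo "remote already forwarded"
else
  echo "dpt" "$port"
  for proto in tcp udp; do
    # $port and $host_ip contain only digits and dots at this point.
    on_jasmine "iptables -t nat -A PREROUTING -p $proto --dport $port -j DNAT --to $host_ip"
  done
fi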