Diffstat (limited to 'unix/iptables_portforwarding_nat.sh')
-rw-r--r--unix/iptables_portforwarding_nat.sh57
1 files changed, 0 insertions, 57 deletions
diff --git a/unix/iptables_portforwarding_nat.sh b/unix/iptables_portforwarding_nat.sh
deleted file mode 100644
index 5b38ade..0000000
--- a/unix/iptables_portforwarding_nat.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/sh
-#
-# Port forwarding from one address to another address in the same network,
-# using source and destination network address translation (SNAT & DNAT).
-#
-# The machine A performs this port forwarding to the target machine B,
-# which is in the same network as A.
-# The machine A behaves like a proxy, which allows e.g., external machine
-# access the services (e.g., SSH) on machine B which only allow access
-# from the internal network.
-#
-#
-# References:
-# [1] How to do the port forwarding from one ip to another ip in the same network?
-# https://serverfault.com/a/586553/387898
-# [2] Source and Destination Network Address Translation with iptables
-# https://thewiringcloset.wordpress.com/2013/03/27/linux-iptable-snat-dnat/
-# [3] How to List and Delete IPtables Firewall Rules
-# https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules
-#
-#
-# Weitian LI
-# 2016-11-29
-#
-
-
-# Enable IP forwarding
-sysctl net.ipv4.ip_forward=1
-
-# Save current rules
-iptables-save > iptables_rules.txt
-
-# Set default chain policy
-iptables -P INPUT ACCEPT
-iptables -P FORWARD ACCEPT
-iptables -P OUTPUT ACCEPT
-
-# Flush existing rules
-iptables -t nat -F
-iptables -t nat -X
-iptables -t mangle -F
-iptables -t mangle -X
-iptables -F
-iptables -X
-
-# Port forwarding using SNAT & DNAT
-THIS_IP="192.168.1.234"
-THIS_PORT="21127"
-TARGET_IP="192.168.1.248"
-TARGET_PORT="9999"
-echo "Port forwarding: ${THIS_IP}:${THIS_PORT} <-> ${TARGET_IP}:${TARGET_PORT}"
-iptables -t nat -A PREROUTING \
- -p tcp --dport ${THIS_PORT} \
- -j DNAT --to-destination ${TARGET_IP}:${TARGET_PORT}
-iptables -t nat -A POSTROUTING \
- -p tcp -d ${TARGET_IP} --dport ${TARGET_PORT} \
- -j SNAT --to-source ${THIS_IP}:${THIS_PORT}