Created
March 3, 2015 12:23
-
-
Save CMDann/f13a0a428437f6406bb6 to your computer and use it in GitHub Desktop.
Onion Pi IPTables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # By Frank Danielson @ Bold Apps | |
| IPS=(`ifconfig | grep "inet addr:" | awk -F: '{ print $2 }' | awk '{ print $1 }'`) | |
| MASKS=(`ifconfig | grep "Mask:" | awk -F: '{ print $4 }'`) | |
| BITS=() | |
| i=0 | |
| mask2cidr() { | |
| nbits=0 | |
| IFS=. | |
| for dec in $1 ; do | |
| case $dec in | |
| 255) let nbits+=8;; | |
| 254) let nbits+=7;; | |
| 252) let nbits+=6;; | |
| 248) let nbits+=5;; | |
| 240) let nbits+=4;; | |
| 224) let nbits+=3;; | |
| 192) let nbits+=2;; | |
| 128) let nbits+=1;; | |
| 0);; | |
| *) echo "Error: $dec is not recognised"; exit 1 | |
| esac | |
| done | |
| echo "$nbits" | |
| } | |
| for MASK in "${MASKS[@]}" ; do | |
| BITS[$i]=$(mask2cidr $MASK) | |
| i=$((i+1)) | |
| done | |
| i=0 | |
| for IP in "${IPS[@]}" ; do | |
| if [[ $IP == 192.168.* ]] || [[ $IP == 172.16.* ]] || [[ $IP == 10.* ]] ; then | |
| iptables -A PREROUTING -t nat -i eth0.102 ! -s 127.0.0.1 -p tcp --dport 8118 -j DNAT --to 127.0.0.1:8118 | |
| iptables -A POSTROUTING -t nat -o eth0.101 -s ${IP}/${BITS[$i]} -d 127.0.0.1 -j SNAT --to 127.0.0.1 | |
| iptables -A FORWARD -s ${IP}/${BITS[$i]} -d 127.0.0.1 -i eth0.102 -o eth0.101 -p tcp --dport 8118 -j ACCEPT | |
| fi | |
| i=$((i+1)) | |
| done | |
| printf "Done!~\n" | |
| exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment