Skip to content

Instantly share code, notes, and snippets.

@ergatea

ergatea/tunnel.sh

Last active December 11, 2015 02:28
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ergatea/4530642 to your computer and use it in GitHub Desktop.
Save ergatea/4530642 to your computer and use it in GitHub Desktop.
Download ZIP
tunnel for iptables,redsocks
Raw
tunnel.sh
#!/bin/bash -x
if [ -z "$1" ]; then echo Argument needed. >&2; exit 1; fi
if [ -z "$(pidof redsocks)" ]; then echo Redsocks requied >&2; exit 2; fi
DEF_IF="$(/sbin/route -n |awk '/^0.0.0.0/{print $8}')"
if [ -z "$DEF_IF" ]; then echo Cannot get default interface >&2; exit 3; fi
echo "Starting tunnel to $1..."
iptables_clean() {
iptables -t nat -F REDSOCKS
iptables -t nat -D OUTPUT -p tcp -j REDSOCKS
iptables -t nat -X REDSOCKS
}
iptables_do() {
iptables -t nat -N REDSOCKS
iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -o $DEF_IF -j DNAT --to 127.0.0.1:31338
iptables -t nat -A OUTPUT -p tcp -j REDSOCKS
}
while true; do
sudo -u $SUDO_USER ssh -ND 31337 $1 &
trap "iptables_clean; kill %1; exit;" TERM INT
trap "kill -HUP %1; wait %1;" HUP
sleep 5
iptables_do
wait %1
iptables_clean
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment