Created
July 31, 2016 19:07
-
-
Save jantore/8861c80a9d34ac3a5c5e48dace97d729 to your computer and use it in GitHub Desktop.
NAT-PMP hole punching with natpmpc and ferm
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def &FORWARD($interface, $port, $dest) = { | |
| table nat chain PREROUTING interface $interface proto tcp dport $port mod comment comment "forward $port" DNAT to $dest; | |
| table filter chain FORWARD interface $interface proto tcp dport $port daddr $dest ACCEPT; | |
| } | |
| @hook post "pmp-request-forwards 86400"; | |
| &FORWARD(eth0, 49152, 192.0.2.1); | |
| &FORWARD(eth0, 49153, 192.0.2.2); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| iptables -n -tnat -L PREROUTING | sed -rne 's#^.*/\* forward ([^ ]+) \*/.*$#\1#p' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| LIFETIME=$1 | |
| if [ -z $LIFETIME ]; then | |
| echo "Usage: $0 <lifetime>" | |
| exit | |
| fi | |
| for PORT in $( pmp-get-forwards ); do | |
| natpmpc -a $PORT $PORT tcp $LIFETIME >/dev/null 2>&1 | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment