Skip to content

Instantly share code, notes, and snippets.

@jdembowski
Created May 29, 2016 15:22
Show Gist options
  • Save jdembowski/bae4fcb653a81637f4b4fe751eb2216a to your computer and use it in GitHub Desktop.
Save jdembowski/bae4fcb653a81637f4b4fe751eb2216a to your computer and use it in GitHub Desktop.
#!/bin/bash
CURRENTIP=$(dig +short tf2.dn7.me | tail -1)
OLDIP=$(</var/cache/tf2.dn7.me-ip)
if [ "$CURRENTIP" != "$OLDIP" ]
then
# Delete existing /sbin/iptables rules for port 27015
# From http://serverfault.com/questions/401416/iptables-clear-all-prerouting-rules-with-a-specific-destination-address
# Remove PREROUTING rules for destination port 27015.
for line_num in $(/sbin/iptables --line-numbers --list PREROUTING -t nat | awk '$8=="dpt:27015" {print $1}')
do
LINES="$line_num $LINES"
done
# Delete the lines, last to first.
for line in $LINES
do
/sbin/iptables -t nat -D PREROUTING $line
done
unset LINES
# Remove FORWARD rules for destination port 27015.
for line_num in $(/sbin/iptables --line-numbers --list FORWARD | awk '$8=="dpt:27015" {print $1}')
do
LINES="$line_num $LINES"
done
# Delete the lines, last to first.
for line in $LINES
do
/sbin/iptables -D FORWARD $line
done
unset LINES
# Add /sbin/iptables of server's new IP
/sbin/iptables -A FORWARD -d $CURRENTIP -i eth0 -p tcp -m tcp --dport 27015:27015 -j ACCEPT #forward tcp port range
/sbin/iptables -A FORWARD -d $CURRENTIP -i eth0 -p udp -m udp --dport 27015:27015 -j ACCEPT #forward udp port range
/sbin/iptables -t nat -A PREROUTING -d 172.99.75.122 -p tcp -m tcp --dport 27015:27015 -j DNAT --to-destination $CURRENTIP
/sbin/iptables -t nat -A PREROUTING -d 172.99.75.122 -p udp -m udp --dport 27015:27015 -j DNAT --to-destination $CURRENTIP
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Save the current IP
echo $CURRENTIP > /var/cache/tf2.dn7.me-ip
# Done
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment