create TCP proxy unsing only iptables

git-svn-id: svn://svn.rot13.org/sysadmin-cookbook@289 191e9f34-6774-4a6d-acfc-7664dacd4a2a

diff --git a/recepies/iptables/iptables-tcp-proxy.sh b/recepies/iptables/iptables-tcp-proxy.sh
new file mode 100755 (executable)
index 0000000..662ff23
--- /dev/null
+++ b/recepies/iptables/iptables-tcp-proxy.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# http://www.debian-administration.org/articles/595
+
+test -z "$1" -o -z "$2" -o -z "$3" -o -z "$4" && echo "$0 LOCAL_IP LOCAL_PORT REMOTE_IP REMOTE_PORT" && exit 1
+
+IPTABLES=/sbin/iptables
+
+echo 'echo 1 > /proc/sys/net/ipv4/ip_forward'
+
+echo $IPTABLES -t nat -A PREROUTING --dst $1 -p tcp --dport $2 -j DNAT --to-destination $3:$4
+echo $IPTABLES -t nat -A POSTROUTING --dst $3 -p tcp --dport $4 -j SNAT --to-source $1
+echo $IPTABLES -t nat -A OUTPUT --dst $1 -p tcp --dport $2 -j DNAT --to-destination $3:$4