From: Dobrica Pavlinusic <dpavlin@rot13.org>
Date: Thu, 9 Feb 2012 20:18:26 +0000 (+0000)
Subject: create TCP proxy unsing only iptables
X-Git-Url: http://git.rot13.org/?p=sysadmin-cookbook;a=commitdiff_plain;h=2f4347a250007d255e36eac2170f30939b3f0fe8;ds=sidebyside

create TCP proxy unsing only iptables

git-svn-id: svn://svn.rot13.org/sysadmin-cookbook@289 191e9f34-6774-4a6d-acfc-7664dacd4a2a
---

diff --git a/recepies/iptables/iptables-tcp-proxy.sh b/recepies/iptables/iptables-tcp-proxy.sh
new file mode 100755
index 0000000..662ff23
--- /dev/null
+++ b/recepies/iptables/iptables-tcp-proxy.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# http://www.debian-administration.org/articles/595
+
+test -z "$1" -o -z "$2" -o -z "$3" -o -z "$4" && echo "$0 LOCAL_IP LOCAL_PORT REMOTE_IP REMOTE_PORT" && exit 1
+
+IPTABLES=/sbin/iptables
+
+echo 'echo 1 > /proc/sys/net/ipv4/ip_forward'
+
+echo $IPTABLES -t nat -A PREROUTING --dst $1 -p tcp --dport $2 -j DNAT --to-destination $3:$4
+echo $IPTABLES -t nat -A POSTROUTING --dst $3 -p tcp --dport $4 -j SNAT --to-source $1
+echo $IPTABLES -t nat -A OUTPUT --dst $1 -p tcp --dport $2 -j DNAT --to-destination $3:$4