ipt: example script for how to set up an iptables transproxy.

author: Avery Pennarun <apenwarr@gmail.com> 2010-05-01 17:15:18 -0400
committer: Avery Pennarun <apenwarr@gmail.com> 2010-05-01 17:15:18 -0400
commit: f84b87d7eb56f0134955d3da242619894fa74433 (patch)
tree: 50bdc9bedafb40abb35ea528c531ac0a4c116617
parent: 2f3c86e962f4262f3c23a1360341accb3fc56533 (diff)
1 files changed, 28 insertions, 0 deletions
diff --git a/ipt b/ipt
new file mode 100755
index 0000000..04bb599
--- /dev/null
+++ b/ipt
@@ -0,0 +1,28 @@
+#!/bin/bash -x
+PORT="$1"
+shift
+
+if [ -z "$PORT" ] || ! [ "$PORT" -gt 0 ]; then
+	echo "'$PORT' is not a valid port number"
+	exit 1
+fi
+
+# basic cleanup/setup
+C=sshuttle-$PORT
+iptables -t nat -D OUTPUT -j $C
+iptables -t nat -F $C
+iptables -t nat -X $C
+
+if [ -z "$*" ]; then
+    # just delete existing rules
+    exit 0
+fi
+iptables -t nat -N $C
+iptables -t nat -I OUTPUT 1 -j $C
+iptables -t nat -D $C -j REDIRECT -p tcp --to-ports $PORT
+
+# create new subnet entries
+for subnet in "$@"; do
+	iptables -t nat -A $C -j REDIRECT --dest "$subnet" -p tcp \
+		--to-ports "$PORT"
+done
author	Avery Pennarun <apenwarr@gmail.com>	2010-05-01 17:15:18 -0400
committer	Avery Pennarun <apenwarr@gmail.com>	2010-05-01 17:15:18 -0400
commit	f84b87d7eb56f0134955d3da242619894fa74433 (patch)
tree	50bdc9bedafb40abb35ea528c531ac0a4c116617
parent	2f3c86e962f4262f3c23a1360341accb3fc56533 (diff)