SHOW 我的脚本

fengyong

做IPTABLES 转发时,,觉得好麻烦..花了几个小时写了下面的脚本,希望给兄弟们带来帮助.

数据库文件
[PHP]
[root@fy-p3x2 portpr]# cat iplist
192.168.0.128:4899
192.168.0.128:1021
192.168.0.144:1080
[root@fy-p3x2 portpr]# cat ippr.sh
#!/bin/sh
#Name:ip prerouting
#Author: fengyong fy138@sina.com
#Update:2004-11-10

#ip list file &check file
FILE=iplist
if [ ! -f $FILE ];then
        echo "$FILE  not exist."
        exit 1
fi


#internet ip
PPP0=`ifconfig |grep ppp0`
if [ -n "$PPP0" ];then
        INTERIP=`/sbin/ifconfig ppp0|grep inet|awk '{print substr($2,6,15)}'`
else
        exit 1
fi
echo "$INTERIP"


#Iplist
_IPLIST=`cat $FILE |awk '{ print $0 }'`
echo $_IPLIST
for ip in $_IPLIST
do
_IPADD=`echo $ip|awk -F : '{print $1}'`
_PORT=`echo $ip |awk -F : '{print $2}'`
echo $_IPADD
echo $_PORT
iptables -t nat -A PREROUTING -d $INTERIP -p tcp -m tcp --dport $_PORT -j DNAT --to-destination $ip
iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.0.0 -d $_IPADD -p tcp -m tcp --dport $_PORT -j SNAT --to-source $INTERIP
done
[/PHP]

fengyong

读入iplist 文件,,然后跟据里面的IP和端口进行建立IPTABLES 转发..我刚学,,大家不要笑啊..