diff --git a/README.md b/README.md
index 4335e1a..fce65f5 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,131 @@ # Port-redirect-script +```bash +#!/bin/bash + +# Script to manage port redirections with extended system compatibility +# Usage: +# ./script.sh add [tcp|udp] # defaults to both tcp and udp if not specified +# ./script.sh remove [tcp|udp] # defaults to both tcp and udp if not specified +# ./script.sh list +# ./script.sh check + +# Configuration +DEST_IP="192.168.2.2" # The internal IP to which traffic should be redirected +INTERFACE="wg0" # The outgoing interface used for MASQUERADE + +check_system() { + # Check for iptables and install if not present + if ! command -v iptables >/dev/null 2>&1; then + echo "iptables is not installed. Would you like to install it now? (y/n)" + read answer + if [[ "$answer" == "y" ]]; then + if [ -f "/etc/alpine-release" ]; then + apk add iptables + elif [ -f "/etc/debian_version" ]; then + apt-get update + apt-get install iptables + elif [ -f "/etc/fedora-release" ]; then + dnf install -y iptables + elif [ -f "/etc/arch-release" ]; then + pacman -Syu iptables + else + echo "Unsupported OS. Please install iptables manually." + exit 1 + fi + else + echo "iptables is required for this script to function." + exit 1 + fi + fi + + # Check for startup script existence and setup if not present + if [ ! -f "/etc/local.d/iptables.start" ]; then + echo "Autostart script for iptables rules is not configured. Would you like to configure it now? 
(y/n)" + read answer + if [[ "$answer" == "y" ]]; then + echo '#!/bin/sh' > /etc/local.d/iptables.start + echo "iptables-restore < /etc/iptables/rules-save" >> /etc/local.d/iptables.start + chmod +x /etc/local.d/iptables.start + if [ -f "/etc/alpine-release" ]; then + rc-update add local default + rc-service local start + elif [ -f "/etc/fedora-release" ] || [ -f "/etc/arch-release" ]; then + systemctl enable rc-local.service + systemctl start rc-local.service + elif [ -f "/etc/debian_version" ]; then + systemctl enable rc-local.service + systemctl start rc-local.service + else + echo "Unsupported OS for autostart configuration." + exit 1 + fi + echo "Startup script configured successfully." + else + echo "Autostart script is essential for persistent iptables rules." + exit 1 + fi + fi +} + +# Function to add port redirection +add_port() { + local port=$1 + local proto=${2:-"tcp udp"} # Default to both TCP and UDP if not specified + for p in $proto; do + echo "Adding $p redirection for port: $port" + iptables -t nat -A PREROUTING -p $p --dport $port -j DNAT --to-destination $DEST_IP:$port + iptables -t nat -A POSTROUTING -o $INTERFACE -p $p --dport $port -d $DEST_IP -j MASQUERADE + echo "Redirection added for $p port $port." + done +} + +# Function to remove port redirection +remove_port() { + local port=$1 + local proto=${2:-"tcp udp"} # Default to both TCP and UDP if not specified + for p in $proto; do + echo "Removing $p redirection for port: $port" + iptables -t nat -D PREROUTING -p $p --dport $port -j DNAT --to-destination $DEST_IP:$port + iptables -t nat -D POSTROUTING -o $INTERFACE -p $p --dport $port -d $DEST_IP -j MASQUERADE + echo "Redirection removed for $p port $port." 
+ done +} + +# Function to list all port redirections +list_redirects() { + echo "Listing all TCP and UDP port redirections:" + iptables -t nat -L PREROUTING --line-numbers -n + iptables -t nat -L POSTROUTING --line-numbers -n +} + +# Main case logic +case "$1" in + add|remove) + if [ "$#" -lt 2 ] || [ "$#" -gt 3 ]; then + echo "Invalid usage for $1" + echo "Usage: $0 $1 [tcp|udp]" + exit 1 + fi + check_system + "${1}_port" $2 $3 + ;; + list) + check_system + list_redirects + ;; + check) + check_system + echo "System check completed." + ;; + *) + echo "Invalid command: $1" + echo "Usage: $0 {add|remove|list|check} " + exit 1 + ;; +esac + +# Save the current iptables rules +iptables-save > /etc/iptables/rules-save +echo "Current iptables rules saved." +``` \ No newline at end of file
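Review bot: `add_port` and `remove_port` pass `$port` and `$p` to `iptables` unquoted and unchecked, and the dispatcher calls them as `"${1}_port" $2 $3`, so a mistyped or malformed argument is word-split and glob-expanded before it becomes part of a NAT rule on the host. The port should be checked as a decimal in 1-65535 and the protocol as `tcp` or `udp` before any rule is touched, with every expansion quoted; the same guard belongs in `remove_port`. The dispatcher line would become `"${1}_port" "$2" "$3" || exit 1`, so that a rejected argument also skips the unconditional `iptables-save` at the end of the script, which currently rewrites `/etc/iptables/rules-save` after every command, `list` and `check` included. Indentation in the sketch below is mine, since the hunk's own whitespace did not survive on this page.

```shell
add_port() {
  local port=$1
  local proto=${2:-"tcp udp"}
  # Reject anything that is not a decimal port in 1-65535 before it reaches iptables.
  # 10# forces base 10 so a leading zero is not read as octal.
  if ! [[ "$port" =~ ^[0-9]{1,5}$ ]] || (( 10#$port < 1 || 10#$port > 65535 )); then
    echo "Invalid port: $port" >&2
    return 1
  fi
  # Only the two supported protocols, or the built-in default pair, are accepted.
  case "$proto" in
    tcp|udp|"tcp udp") ;;
    *) echo "Invalid protocol: $proto" >&2; return 1 ;;
  esac
  # $proto is left unquoted on purpose: it has just been validated and must split on the space.
  for p in $proto; do
    # … unchanged: echo "Adding $p redirection …" …
    iptables -t nat -A PREROUTING -p "$p" --dport "$port" -j DNAT --to-destination "$DEST_IP:$port"
    iptables -t nat -A POSTROUTING -o "$INTERFACE" -p "$p" --dport "$port" -d "$DEST_IP" -j MASQUERADE
    # … unchanged: echo "Redirection added …" …
  done
}
```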