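# Port-redirect-script

```bash
#!/bin/bash
# Script to manage port redirections with extended system compatibility
#
# Usage:
#   ./script.sh add <port> [tcp|udp]     # defaults to both tcp and udp if not specified
#   ./script.sh remove <port> [tcp|udp]  # defaults to both tcp and udp if not specified
#   ./script.sh list
#   ./script.sh check
#
# Needs enough privilege to change the nat table and to write under /etc.
#
# Operational notes:
#   - Every redirect publishes a port of DEST_IP to anything that can reach
#     this host; add only ports that are meant to be exposed.
#   - The POSTROUTING MASQUERADE rule rewrites the source address, so the
#     service on DEST_IP sees this gateway as the client. Source-IP based
#     logging, allow-lists and rate limits on the backend lose the real peer.
#   - The script only manages nat rules. It does not enable IP forwarding or
#     touch the FORWARD chain; both must already permit the traffic.

# Configuration
DEST_IP="192.168.2.2"  # The internal IP to which traffic should be redirected
INTERFACE="wg0"        # The outgoing interface used for MASQUERADE
RULES_FILE="/etc/iptables/rules-save"         # Persisted ruleset (iptables-save format)
AUTOSTART_FILE="/etc/local.d/iptables.start"  # Boot hook that restores RULES_FILE

#######################################
# Ensure iptables is installed and a boot-time restore hook exists,
# prompting the operator before changing anything.
# Globals:   RULES_FILE, AUTOSTART_FILE (read)
# Arguments: none
# Outputs:   prompts and status messages on stdout, new errors on stderr
# Returns:   0 when both prerequisites are met; exits 1 otherwise
#######################################
check_system() {
  local answer

  # Check for iptables and install if not present
  if ! command -v iptables >/dev/null 2>&1; then
    echo "iptables is not installed. Would you like to install it now? (y/n)"
    read -r answer
    if [[ "$answer" == "y" ]]; then
      if [ -f "/etc/alpine-release" ]; then
        apk add iptables
      elif [ -f "/etc/debian_version" ]; then
        apt-get update
        apt-get install iptables
      elif [ -f "/etc/fedora-release" ]; then
        dnf install -y iptables
      elif [ -f "/etc/arch-release" ]; then
        # NOTE: -Syu upgrades every installed package, not only iptables.
        pacman -Syu iptables
      else
        echo "Unsupported OS. Please install iptables manually."
        exit 1
      fi
      # Re-check instead of trusting the installer: a declined prompt or a
      # failed download leaves the binary missing.
      if ! command -v iptables >/dev/null 2>&1; then
        echo "iptables is still not available after the install attempt." >&2
        exit 1
      fi
    else
      echo "iptables is required for this script to function."
      exit 1
    fi
  fi

  # Check for startup script existence and setup if not present
  if [ ! -f "$AUTOSTART_FILE" ]; then
    echo "Autostart script for iptables rules is not configured. Would you like to configure it now? (y/n)"
    read -r answer
    if [[ "$answer" == "y" ]]; then
      # /etc/local.d is an OpenRC convention and may not exist elsewhere.
      mkdir -p -- "${AUTOSTART_FILE%/*}"
      if ! printf '%s\n' '#!/bin/sh' "iptables-restore < $RULES_FILE" > "$AUTOSTART_FILE"; then
        echo "Could not write $AUTOSTART_FILE." >&2
        exit 1
      fi
      chmod +x "$AUTOSTART_FILE"

      # NOTE(review): starting the service runs the hook immediately.
      # iptables-restore replaces the live contents of every table found in
      # the file unless -n/--noflush is given, so a stale RULES_FILE would
      # overwrite the running ruleset at this point.
      if [ -f "/etc/alpine-release" ]; then
        rc-update add local default
        rc-service local start
      elif [ -f "/etc/fedora-release" ] || [ -f "/etc/arch-release" ] ||
           [ -f "/etc/debian_version" ]; then
        # NOTE(review): rc-local.service conventionally runs /etc/rc.local.
        # Nothing here makes it execute /etc/local.d/*.start, so confirm the
        # hook really fires at boot on systemd hosts before relying on it.
        systemctl enable rc-local.service
        systemctl start rc-local.service
      else
        echo "Unsupported OS for autostart configuration."
        exit 1
      fi
      echo "Startup script configured successfully."
    else
      echo "Autostart script is essential for persistent iptables rules."
      exit 1
    fi
  fi
}

#######################################
# Validate the operator-supplied port and protocol before they are handed
# to iptables.
# Arguments: $1 - port, decimal 1-65535
#            $2 - "tcp", "udp" or "tcp udp"
# Outputs:   error message on stderr when a value is rejected
# Returns:   0 if both values are acceptable, 1 otherwise
#######################################
_validate_redirect_args() {
  local port=$1
  local proto=$2

  if ! [[ "$port" =~ ^[1-9][0-9]{0,4}$ ]] || (( port > 65535 )); then
    echo "Invalid port: '$port' (expected a number from 1 to 65535)." >&2
    return 1
  fi

  case "$proto" in
    tcp | udp | "tcp udp") ;;
    *)
      echo "Invalid protocol: '$proto' (expected tcp or udp)." >&2
      return 1
      ;;
  esac
}

#######################################
# Add a DNAT redirect for a port plus the matching MASQUERADE rule.
# Globals:   DEST_IP, INTERFACE (read)
# Arguments: $1 - port
#            $2 - protocol, tcp or udp; both when empty or omitted
# Returns:   0 on success, 1 if iptables rejected a rule, 2 on bad arguments
#######################################
add_port() {
  local port=$1
  local proto=${2:-"tcp udp"} # Default to both TCP and UDP if not specified
  local -a protos
  local p
  local rc=0

  _validate_redirect_args "$port" "$proto" || return 2
  read -r -a protos <<< "$proto"

  for p in "${protos[@]}"; do
    local failed=0
    echo "Adding $p redirection for port: $port"
    # Every expansion is quoted so a value can never split into extra
    # iptables options.
    iptables -t nat -A PREROUTING -p "$p" --dport "$port" \
      -j DNAT --to-destination "$DEST_IP:$port" || failed=1
    iptables -t nat -A POSTROUTING -o "$INTERFACE" -p "$p" --dport "$port" \
      -d "$DEST_IP" -j MASQUERADE || failed=1
    if (( failed )); then
      echo "Failed to add $p redirection for port $port." >&2
      rc=1
    else
      echo "Redirection added for $p port $port."
    fi
  done
  return "$rc"
}

#######################################
# Remove the DNAT and MASQUERADE rules created by add_port.
# Globals:   DEST_IP, INTERFACE (read)
# Arguments: $1 - port
#            $2 - protocol, tcp or udp; both when empty or omitted
# Returns:   0 on success, 1 if a rule could not be deleted, 2 on bad arguments
#######################################
remove_port() {
  local port=$1
  local proto=${2:-"tcp udp"} # Default to both TCP and UDP if not specified
  local -a protos
  local p
  local rc=0

  _validate_redirect_args "$port" "$proto" || return 2
  read -r -a protos <<< "$proto"

  for p in "${protos[@]}"; do
    local failed=0
    echo "Removing $p redirection for port: $port"
    # Both deletions are attempted even if the first fails, so a half
    # installed redirect can still be cleaned up.
    iptables -t nat -D PREROUTING -p "$p" --dport "$port" \
      -j DNAT --to-destination "$DEST_IP:$port" || failed=1
    iptables -t nat -D POSTROUTING -o "$INTERFACE" -p "$p" --dport "$port" \
      -d "$DEST_IP" -j MASQUERADE || failed=1
    if (( failed )); then
      echo "Failed to remove $p redirection for port $port." >&2
      rc=1
    else
      echo "Redirection removed for $p port $port."
    fi
  done
  return "$rc"
}

#######################################
# Print the nat PREROUTING and POSTROUTING chains with rule numbers.
# Outputs:   iptables listing on stdout
#######################################
list_redirects() {
  echo "Listing all TCP and UDP port redirections:"
  iptables -t nat -L PREROUTING --line-numbers -n
  iptables -t nat -L POSTROUTING --line-numbers -n
}

# Main case logic
status=0
case "$1" in
  add | remove)
    if [ "$#" -lt 2 ] || [ "$#" -gt 3 ]; then
      echo "Invalid usage for $1"
      echo "Usage: $0 $1 <port> [tcp|udp]"
      exit 1
    fi
    check_system
    # $1 is limited to add|remove by the case pattern, so the dispatched
    # function name cannot be influenced beyond these two.
    "${1}_port" "$2" "${3:-}" || status=$?
    ;;
  list)
    check_system
    list_redirects
    ;;
  check)
    check_system
    echo "System check completed."
    ;;
  *)
    echo "Invalid command: $1"
    echo "Usage: $0 {add|remove|list|check} [<port> [tcp|udp]]"
    exit 1
    ;;
esac

# Save the current iptables rules
# NOTE: this snapshots the whole live ruleset after every command, including
# list and check, so rules installed by other tools get persisted as well.
rules_dir=${RULES_FILE%/*}
if ! mkdir -p -- "$rules_dir"; then
  echo "Could not create $rules_dir." >&2
  exit 1
fi

# Write to a temporary file and rename it into place, so a failed
# iptables-save cannot leave a truncated ruleset for the next boot.
# mktemp creates the file readable by its owner only.
if ! tmp_rules=$(mktemp "$rules_dir/rules-save.XXXXXX"); then
  echo "Could not create a temporary file in $rules_dir." >&2
  exit 1
fi

if iptables-save > "$tmp_rules" && mv -f -- "$tmp_rules" "$RULES_FILE"; then
  echo "Current iptables rules saved."
else
  rm -f -- "$tmp_rules"
  echo "Failed to save iptables rules to $RULES_FILE." >&2
  exit 1
fi

exit "$status"
```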