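# Forward a public TCP port on this host to an internal IPv4 address with an
# iptables DNAT rule, then persist the rule set to /etc/iptables/rules.v4.
#
# Usage: $0 <ip> <port>
# Requires root and bash (the prompts use `read -p`).
IP=$1
PORT=$2

# Print the usage text and stop.
usage() {
  echo "Caranya: $0 <ip> <port>"
  echo "Contoh: $0 10.8.42.10 80"
  exit 1
}

if [ -z "$IP" ] || [ -z "$PORT" ]; then
  usage
fi

# Both arguments end up on root-run iptables command lines, so reject
# anything that is not a plain TCP port number or a dotted-quad IPv4 address.
case "$PORT" in
  *[!0-9]*)
    echo "Port tidak valid: $PORT" >&2
    usage
    ;;
esac
if [ "${#PORT}" -gt 5 ]; then
  echo "Port tidak valid: $PORT" >&2
  usage
fi
PORT=$((10#$PORT)) # drop leading zeros so it compares equal to iptables output
if [ "$PORT" -lt 1 ] || [ "$PORT" -gt 65535 ]; then
  echo "Port tidak valid: $PORT" >&2
  usage
fi

if ! [[ $IP =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]]; then
  echo "IP tidak valid: $IP" >&2
  usage
fi
for octet in "${BASH_REMATCH[@]:1}"; do
  if ((10#$octet > 255)); then
    echo "IP tidak valid: $IP" >&2
    usage
  fi
done

# Enable routing between interfaces. This is a runtime setting only: it is
# not part of the saved rules file, so it is lost on reboot unless
# net.ipv4.ip_forward is also set in the sysctl configuration.
echo 1 > /proc/sys/net/ipv4/ip_forward

# Optional reset. Answering "y" flushes every rule in the nat and filter
# tables, including rules unrelated to this forward; chain policies are left
# as they are, so check them before confirming.
read -r -p "Hapus semua aturan firewall (y/t, default tidak) ? " jwb
if [ "$jwb" = "y" ]; then
  iptables -F -t nat
  iptables -F
fi

# Find existing PREROUTING DNAT targets for exactly this TCP port. Matching
# the whole "dpt:<port>" field keeps port 80 from also matching 8080.
old_dests=$(iptables -t nat -n -L PREROUTING | awk -v want="dpt:${PORT}" '
  $1 == "DNAT" {
    hit = 0; dest = ""
    for (i = 2; i <= NF; i++) {
      if ($i == want && $(i - 1) == "tcp") hit = 1
      else if ($i ~ /^to:/) dest = substr($i, 4)
    }
    if (hit && dest != "") print dest
  }')

# Remove each previous forward for this port before adding the new one.
# NOTE(review): the POSTROUTING and FORWARD rules added for a previous
# target are not removed here and stay in place until cleaned up by hand.
while IFS= read -r old_dest; do
  [ -n "$old_dest" ] || continue
  iptables -t nat -D PREROUTING -p tcp --dport "$PORT" -j DNAT \
    --to-destination "$old_dest" || exit 1
done <<< "$old_dests"

# Traffic arriving on TCP port $PORT is redirected to $IP:$PORT.
iptables -t nat -I PREROUTING -p tcp --dport "$PORT" -j DNAT \
  --to-destination "$IP:$PORT" || exit 1

# Source-NAT everything sent to $IP so replies come back through this host.
# The target therefore sees this host's address instead of the real client
# address in its own logs.
iptables -t nat -I POSTROUTING -j MASQUERADE --destination "$IP"

# Accept forwarded traffic addressed to $IP.
# NOTE(review): the rule matches on destination only, so it accepts any
# protocol and port routed to $IP, not just TCP $PORT.
iptables -I FORWARD -m state -d "$IP" --state NEW,RELATED,ESTABLISHED -j ACCEPT

# Optional: masquerade traffic originating from $IP so that host can reach
# other networks through this server.
read -r -p "Izinkan $IP menggunakan server ini sebagai proxy (y/t, default t) ?" jwb
if [ "$jwb" = "y" ]; then
  iptables -I POSTROUTING -t nat -j MASQUERADE --source "$IP"
fi

# Persist the rules; report success only if the save actually worked.
if iptables-save > /etc/iptables/rules.v4; then
  echo "Sudah disimpan di /etc/iptables/rules.v4"
else
  echo "Gagal menyimpan ke /etc/iptables/rules.v4" >&2
  exit 1
fi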