IP=$1
PORT=$2

if [ -z "$PORT" ]]; then
    echo "Caranya: $0 <ip> <port>"
    echo "Contoh: $0 10.8.42.10 80"
    exit 1
fi

echo 1 > /proc/sys/net/ipv4/ip_forward

read -p "Hapus semua aturan firewall (y/t, default tidak) ? " jwb 
if [ "$jwb" = "y" ]; then
    iptables -F -t nat
    iptables -F
fi

old_ip=`iptables -n -L -t nat | grep ^DNAT | grep ":${PORT}" | awk '{print $8}' | awk -F":" '{print $2}'`
if [ -n "$old_ip" ]; then
    # Hapus IP sebelumnya
    iptables -t nat -D PREROUTING -p tcp --dport $PORT -j DNAT --to-destination $old_ip:${PORT} || exit 1
fi

# Bila publik mengakses port $PORT arahkan ke $IP
iptables -t nat -I PREROUTING -p tcp --dport $PORT -j DNAT --to-destination $IP:$PORT || exit 1

# Izinkan publik mengakses $IP
iptables -t nat -I POSTROUTING -j MASQUERADE --destination $IP

# Izinkan port forward hanya ke $IP
iptables -I FORWARD -m state -d $IP --state NEW,RELATED,ESTABLISHED -j ACCEPT

read -p "Izinkan $IP menggunakan server ini sebagai proxy (y/t, default t) ?" jwb
if [ "$jwb" = "y" ]; then 
    iptables -I POSTROUTING -t nat -j MASQUERADE --source $IP 
fi

iptables-save > /etc/iptables/rules.v4
echo "Sudah disimpan di /etc/iptables/rules.v4"