
Thursday, 10 April 2008

cribs... first some SNAT script

What is SNAT:
SNAT is the process of network address translation done in a secure way (also known as source network address translation, or SNAT for short). It involves rewriting the source and/or destination addresses of IP packets as they pass through a router or firewall.


A very simple bash script for common SNAT use (with no fireworks :)):
#!/bin/bash
# Marcin Rybak
#
# External IP (from WAN side)
EXTIP="xxx.xxx.xxx.xxx"

# External iface
EXTIF="eth0"

# Local network to SNAT
INT_NET="192.168.0.0/24"

# Path to IPTABLES (check if it is the same on your system)
IPTABLES="/usr/sbin/iptables"

echo "[+] Enabling ip forwarding"
echo "1" > /proc/sys/net/ipv4/ip_forward

echo "[+] Cleaning existing tables"
"$IPTABLES" -t nat -F POSTROUTING
"$IPTABLES" -t nat -F PREROUTING
"$IPTABLES" -F FORWARD
# Default policy ACCEPT: every forwarded packet is allowed through
"$IPTABLES" -P FORWARD ACCEPT

echo "[+] Turning on SNAT"
# Rewrite the source address only for traffic leaving via the external iface
"$IPTABLES" -t nat -A POSTROUTING -s "$INT_NET" -o "$EXTIF" -j SNAT --to-source "$EXTIP"
echo "[+] I think it's DONE"
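
A stricter variant of the same setup, as an added example (not the author's script): instead of `-P FORWARD ACCEPT` it prints an iptables-restore ruleset that drops forwarded traffic by default, lets only the internal network out through the external interface, and validates the three inputs first. The function names and the address 203.0.113.10 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: nothing is applied; the functions only validate and print rules.

# Dotted-quad IPv4 only; rejects placeholders such as xxx.xxx.xxx.xxx.
valid_ipv4() (
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
)

# address/prefix with a prefix length of 0-32.
valid_cidr() (
    case $1 in */*) ;; *) return 1 ;; esac
    len=${1#*/}
    case $len in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -le 32 ] && valid_ipv4 "${1%/*}"
)

# Interface names: at most 15 characters, no whitespace, no leading dash.
valid_ifname() (
    case $1 in ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ ${#1} -le 15 ]
)

# Usage: snat_ruleset EXTIP EXTIF INT_NET
snat_ruleset() (
    extip=$1 extif=$2 intnet=$3
    valid_ipv4 "$extip"   || { echo "invalid external IP: $extip" >&2; return 1; }
    valid_ifname "$extif" || { echo "invalid interface: $extif" >&2; return 1; }
    valid_cidr "$intnet"  || { echo "invalid network: $intnet" >&2; return 1; }
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $intnet -o $extif -j SNAT --to-source $extip
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s $intnet -o $extif -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
)

# Constructed sample values (203.0.113.10 is a documentation address).
snat_ruleset 203.0.113.10 eth0 192.168.0.0/24
```

Pipe the output to `iptables-restore --test` to check that it parses; loading it without `--noflush` replaces the existing contents of the nat and filter tables.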
