first commit
commit
eb0f71edfa
5 changed files with 132 additions and 0 deletions
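--- a/NAT_2_fastlight
+++ b/NAT_2_fastlight
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+# Static configuration for the host we are NATting towards
+# * ORIGINAL_DESTINATION_IP is the private IP corresponding to the desired public IP
+# * RULES contains "original_destination_port:forward_to_port"
+INTERFACE_SOURCE="ens3"
+ORIGINAL_DESTINATION_IP="10.0.0.104"
+FORWARD_TO_IP="10.0.100.10"
+RULES=(
+"25:25"
+)
+
+# Runs the actual script
+CURRENT_DIR="$(dirname "$(readlink -f "$0")")"
+. "$CURRENT_DIR/configure_NAT_from_RULES"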
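--- a/NAT_2_monsieurlouis
+++ b/NAT_2_monsieurlouis
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# Static configuration for the host we are NATting towards
+# * ORIGINAL_DESTINATION_IP is the private IP corresponding to the desired public IP
+# * RULES contains "original_destination_port:forward_to_port"
+INTERFACE_SOURCE="ens3"
+ORIGINAL_DESTINATION_IP="10.0.0.143"
+FORWARD_TO_IP="10.0.100.30"
+RULES=(
+)
+
+# Runs the actual script
+CURRENT_DIR="$(dirname "$(readlink -f "$0")")"
+. "$CURRENT_DIR/configure_NAT_from_RULES"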
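Review bot: `ORIGINAL_DESTINATION_IP="10.0.0.143"` is the same address NAT_2_norrsken uses, and nothing in this file says whether that sharing is intended. The rich rule built in configure_NAT_from_RULES matches only on destination address, port and protocol, so a port later added to `RULES` here that norrsken also lists would give firewalld two forward-port rules for the same match with different `to-addr` values. If the shared address is deliberate, a comment above the assignment such as `# Shares 10.0.0.143 with NAT_2_norrsken: ports listed in RULES must not overlap` would make the constraint visible. With `RULES` empty the loop in configure_NAT_from_RULES never runs, so this script currently changes nothing and still prints the "Done!" line.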
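--- a/NAT_2_norrsken
+++ b/NAT_2_norrsken
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# Static configuration for the host we are NATting towards
+# * ORIGINAL_DESTINATION_IP is the private IP corresponding to the desired public IP
+# * RULES contains "original_destination_port:forward_to_port"
+INTERFACE_SOURCE="ens3"
+ORIGINAL_DESTINATION_IP="10.0.0.143"
+FORWARD_TO_IP="10.0.100.20"
+RULES=(
+"53:5300"
+"53:5300/udp"
+"80:8000"
+"443:4430"
+"443:4430/udp"
+)
+
+# Runs the actual script
+CURRENT_DIR="$(dirname "$(readlink -f "$0")")"
+. "$CURRENT_DIR/configure_NAT_from_RULES"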
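--- a/README.md
+++ b/README.md
@@ -0,0 +1,3 @@
+# NAT Rules for the Fixed IPv4 Provider
+
+In case I don't have a fixed IPv4 address, I use these rules to route the services through a fixed IPv4 provider like Oracle Cloud.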
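--- a/configure_NAT_from_RULES
+++ b/configure_NAT_from_RULES
@@ -0,0 +1,81 @@
+#!/bin/bash
+
+add_NAT_forwarding() {
+if [ "$#" -ne 6 ]; then
+echo "Usage: $0 <interface_source> <tcp_or_udp> <original_destination_ip> <original_destination_port> <forward_to_ip> <forward_to_port>"
+exit 1
+fi
+
+interface_source="$1"
+tcp_or_udp="$2"
+original_destination_ip="$3"
+original_destination_port="$4"
+forward_to_ip="$5"
+forward_to_port="$6"
+
+firewall-cmd --add-rich-rule "rule family=\"ipv4\" destination address=\"$original_destination_ip\" forward-port port=\"$original_destination_port\" protocol=\"$tcp_or_udp\" to-addr=\"$forward_to_ip\" to-port=\"$forward_to_port\"" --permanent > /dev/null
+firewall-cmd --reload > /dev/null
+
+echo "+ [$interface_source][$tcp_or_udp] $original_destination_ip:$original_destination_port --> $forward_to_ip:$forward_to_port"
+}
+
+remove_NAT_forwarding() {
+if [ "$#" -ne 6 ]; then
+echo "Usage: $0 <interface_source> <tcp_or_udp> <original_destination_ip> <original_destination_port> <forward_to_ip> <forward_to_port>"
+exit 1
+fi
+
+interface_source="$1"
+tcp_or_udp="$2"
+original_destination_ip="$3"
+original_destination_port="$4"
+forward_to_ip="$5"
+forward_to_port="$6"
+
+firewall-cmd --remove-rich-rule "rule family=\"ipv4\" destination address=\"$original_destination_ip\" forward-port port=\"$original_destination_port\" protocol=\"$tcp_or_udp\" to-addr=\"$forward_to_ip\" to-port=\"$forward_to_port\"" --permanent > /dev/null
+firewall-cmd --reload > /dev/null
+
+echo "- [$interface_source][$tcp_or_udp] $original_destination_ip:$original_destination_port --> $forward_to_ip:$forward_to_port"
+}
+
+# Actual script
+if [ `id -u` -ne 0 ]; then
+echo "This scripts only runs as root."
+exit 2
+fi
+
+if [ "$#" -ne 1 ]; then
+echo "Usage: $0 <up/down>"
+exit 1
+fi
+action="$1"
+
+
+for rule in "${RULES[@]}"; do
+protocol="tcp"
+
+if [[ "$rule" == */udp ]]; then
+protocol="udp"
+rule="${rule%/udp}" # Remove "/udp" from the end of the string
+fi
+
+IFS=":" read -ra parts <<< "$rule"
+port_origin="${parts[0]}"
+forward_port="${parts[1]}"
+
+# Appeler la fonction appropriée en fonction de l'action spécifiée
+case "$action" in
+"up")
+add_NAT_forwarding "$INTERFACE_SOURCE" "$protocol" "$ORIGINAL_DESTINATION_IP" "$port_origin" "$FORWARD_TO_IP" "$forward_port"
+;;
+"down")
+remove_NAT_forwarding "$INTERFACE_SOURCE" "$protocol" "$ORIGINAL_DESTINATION_IP" "$port_origin" "$FORWARD_TO_IP" "$forward_port"
+;;
+*)
+echo "Invalid action. Use 'up' or 'down'."
+exit 1
+;;
+esac
+done
+
+echo -e "\nDone! Don't forget to add/remove the rules in the security list."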
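Review bot: The exit status of `firewall-cmd --remove-rich-rule … --permanent` in remove_NAT_forwarding, and of the matching `--add-rich-rule` call in add_NAT_forwarding, is never checked, so the `-`/`+` line is printed even when firewalld rejected the change; on `down` a port forward can stay in place while the output reports it removed. Guard each call, for example by appending `|| { echo "firewall-cmd failed for $original_destination_ip:$original_destination_port" >&2; exit 3; }` after the `> /dev/null`, and print the status line only after that. `interface_source` is only echoed and no `--zone` is passed, so the rule goes into the default zone whatever INTERFACE_SOURCE says; either drop the parameter or map it to a zone. The `*)` arm that rejects a bad action sits inside the `for` loop, so with an empty `RULES` array an invalid action is accepted silently; validating `$action` once before the loop would close that, and `firewall-cmd --reload` could likewise run once after the loop rather than per rule.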