phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 13:46:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Adapt for Ubuntu and prepare for migration to Hetzner

Browse source
This commit is contained in:
Paul-Henri Froidmont 2018-10-11 04:17:57 +02:00
parent 38237337fc
commit 3090cc6818
26 changed files with 94 additions and 123 deletions
Download patch file Download diff file Expand all files Collapse all files

28
roles/scripts/files/proxyFirewall.sh Normal file
View file

@ -0,0 +1,28 @@
#!/bin/bash
# Clear config
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
echo 1 > /proc/sys/net/ipv4/ip_forward
PORTS_TO_FORWARD_TCP="25 80 110 143 443 465 587 993 995 2224 3478 8008 8448 27015 64738"
PORTS_TO_FORWARD_UDP="34197 64738"
DESTINATION_IP="212.83.165.111"
#DESTINATION_IP="5.9.66.49"
for port in `echo $PORTS_TO_FORWARD_TCP`
do
iptables -t nat -A PREROUTING -p tcp -m tcp --dport ${port} -j DNAT --to-destination ${DESTINATION_IP}
iptables -A FORWARD -d ${DESTINATION_IP}/32 -p tcp -m tcp --dport ${port} -j ACCEPT
done
for port in `echo $PORTS_TO_FORWARD_UDP`
do
iptables -t nat -A PREROUTING -p udp -m udp --dport ${port} -j DNAT --to-destination ${DESTINATION_IP}
iptables -A FORWARD -d ${DESTINATION_IP}/32 -p tcp -m tcp --dport ${port} -j ACCEPT
done
iptables -t nat -A POSTROUTING -j MASQUERADE