#!/bin/bash
# Refuse to run unless the source address/port (sip, sport) and destination
# address/port (dip, dport) are all supplied through the environment; every one
# of them ends up in the iptables rule specification further down.
for required_var in sip dip sport dport; do
  if [ -z "${!required_var}" ]; then
    echo 'missing required env var' >&2
    exit 1
  fi
done
unset required_var
# Report whether a rule is already present in the nat table.
# Arguments: <chain> <iptables rule specification...>
# Returns:   the exit status of `iptables -t nat -C`, i.e. 0 when a matching
#            rule exists and non-zero otherwise.
# Note: stderr is discarded, so any iptables failure (not only "no such rule")
# is reported to the caller as "rule absent".
nat_rule_exists() {
  local -a rule_spec=("$@")
  iptables -t nat -C "${rule_spec[@]}" 2> /dev/null
}
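# Add or delete a nat-table rule idempotently.
# Usage:   apply_nat_rule [add|del] <chain> <iptables rule specification...>
# Returns: 0 when nothing had to change, the iptables status when a rule was
#          appended or deleted, 2 for an unknown action.
apply_nat_rule() {
  local action="$1"
  shift

  # The existence check must go through nat_rule_exists, the helper this file
  # defines. Calling an undefined name here fails with "command not found",
  # which makes "add" append a duplicate on every run and makes "del" never
  # remove the forward, leaving the DNAT rule active after an undo.
  case "$action" in
    add)
      # Only append when no identical rule is present.
      if ! nat_rule_exists "$@"; then
        iptables -t nat -A "$@"
      fi
      ;;
    del)
      # -D removes a single matching rule per call.
      if nat_rule_exists "$@"; then
        iptables -t nat -D "$@"
      fi
      ;;
    *)
      echo "apply_nat_rule: unknown action '$action'" >&2
      return 2
      ;;
  esac
}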
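# UNDO=1 removes the forward; any other value (or unset) installs it.
if [ "$UNDO" = 1 ]; then
  action="del"
else
  action="add"
fi

# Redirect TCP traffic addressed to $sip:$sport to $dip:$dport. PREROUTING
# handles packets arriving from other hosts, OUTPUT handles locally generated
# ones. The expansions are quoted so that a value containing whitespace or glob
# characters stays one iptables argument and cannot be split into extra
# options or expanded against the filesystem.
apply_nat_rule "$action" PREROUTING -p tcp -d "$sip" --dport "$sport" -j DNAT --to-destination "$dip:$dport"
apply_nat_rule "$action" OUTPUT -p tcp -d "$sip" --dport "$sport" -j DNAT --to-destination "$dip:$dport"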