Linux firewall
# Turn on IPv4 routing between interfaces.
# NOTE(review): this happens before any rule is loaded, so until the rest of
# the script runs the kernel forwards according to whatever ruleset is
# already in place. Consider enabling it only once the rules are loaded.
printf '1\n' > /proc/sys/net/ipv4/ip_forward

# Variable declarations
# dir: presumably the firewall's config directory; not used in the visible part.
dir=/etc/fw
# iffora: outside-facing interface; ifdentro: inside-facing interface.
iffora=eth0
ifdentro=eth1
# redeint: internal network, written as address/netmask.
redeint=192.168.7.0/255.255.255.0
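limpa()
{
  # Reset the filter table: flush every rule, delete every user-defined
  # chain, and set the three built-in chains to a default of ACCEPT.
  #
  # No -t option is given, so only the filter table is touched; rules that
  # were added to the nat table stay loaded and a later -A appends to them.
  # After this function returns the host filters nothing until rules are
  # added again.
  #
  # Each command sits on its own line. Fused onto a single line they are
  # parsed as one iptables invocation with stray arguments, and no reset
  # takes place.
  # Returns: exit status of the last iptables call.
  iptables -F
  iptables -X
  iptables -P INPUT ACCEPT
  iptables -P OUTPUT ACCEPT
  iptables -P FORWARD ACCEPT
}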
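statefull()
{
  # Accept forwarded packets that belong to, or are related to, an already
  # established connection, arriving on either interface.
  # Globals: iffora (read), ifdentro (read) - interface names.
  # Returns: exit status of the last iptables call.
  #
  # One rule per line: joined on one line the second command's words become
  # extra arguments of the first and neither rule is installed as written.
  # The interface variables are quoted and must be non-empty; ${var:?} stops
  # the script instead of passing a malformed -i argument to iptables.
  #
  # NOTE(review): "-m state --state" is the legacy spelling of
  # "-m conntrack --ctstate"; kept as written.
  # NOTE(review): these rules only narrow anything if the FORWARD policy or
  # a later rule drops other traffic; that is not visible in this part of
  # the script.
  iptables -A FORWARD -i "${iffora:?iffora is not set}" \
    -m state --state RELATED,ESTABLISHED -j ACCEPT
  iptables -A FORWARD -i "${ifdentro:?ifdentro is not set}" \
    -m state --state RELATED,ESTABLISHED -j ACCEPT
}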
liberados()
{
# Redericiona conexoes externas
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 34500 -j DNAT --to-dest 192.168.7.15 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5800 -j DNAT --to-dest 192.168.7.15:5800 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5900 -j DNAT --to-dest 192.168.7.15:5900 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3390 -j DNAT --to-dest 192.168.7.100:3389 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5901 -j DNAT --to-dest 192.168.7.7:5901 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3400 -j DNAT --to-dest 192.168.7.7:3400 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2222 -j DNAT --to-dest 192.168.7.200:22
# iptables -t nat -I PREROUTING -p tcp --dport 3390 -j DNAT --to 192.168.7.100:3389
# iptables -t nat -I PREROUTING -p tcp --dport 5901 -j DNAT --to 192.168.7.7:5901
# iptables -t nat -I PREROUTING -p tcp --dport 3400 -j DNAT --to 192.168.7.7:3400
# iptables -t nat -I PREROUTING -p tcp --dport 34500 -j DNAT --to 192.168.7.15:34500
# iptables -t nat -I PREROUTING -p tcp --dport 5800 -j DNAT --to 192.168.7.15:5800
# LIbera maquina por fora do proxy # teste iptables -I FORWARD -s 192.168.7.15 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.7.15 -o eth0 -j MASQUERADE
# Anderson iptables -I FORWARD -s 192.168.7.7 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.7.7 -o eth0 -j MASQUERADE
# Servidor