cleberad
(usa Linux Mint)
Enviado em 28/05/2011 - 08:17h
Está assim:
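#!/bin/bash
# Gateway/NAT firewall: enables routing, flushes the filter, nat and mangle
# tables, masquerades outbound traffic, redirects LAN web and MSN traffic to
# local ports, and publishes one internal Terminal Services (RDP) host.
#
# NOTE(review): no chain policy is set in the lines shown here. The FORWARD
# ACCEPT rules at the end only restrict anything if the FORWARD policy, or a
# rule added elsewhere, drops unmatched traffic -- confirm.

# Interface facing the Internet. If the connection is on ppp0 (also the case
# for dial-up), set this to ppp0.
WAN_IF="eth1"
# Internal network whose traffic is redirected to local ports.
LAN_NET="192.168.2.0/255.255.255.0"
# Internal host that receives Terminal Services (RDP) connections.
TS_HOST="192.168.2.3"

# Let the kernel route packets between interfaces.
echo "1" > /proc/sys/net/ipv4/ip_forward

# Flush the tables
iptables -F
iptables -t nat -F
iptables -t mangle -F

# Masquerade connections leaving through the WAN interface
iptables -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE

# Send LAN HTTP traffic to local port 3128
# (presumably a transparent proxy listening there -- confirm).
iptables -t nat -A PREROUTING -s "$LAN_NET" -p tcp --dport 80 -j REDIRECT --to-ports 3128

# MSN redirection: LAN traffic to port 1863 is delivered to this host
# (presumably an MSN proxy listening on 1863 -- confirm).
iptables -t nat -A PREROUTING -s "$LAN_NET" -p udp --dport 1863 -j REDIRECT --to-ports 1863
iptables -t nat -A PREROUTING -s "$LAN_NET" -p tcp --dport 1863 -j REDIRECT --to-ports 1863

# Block MSN on port 80 (disabled)
# NOTE(review): recent iptables releases refuse DROP in the nat table; if this
# is re-enabled it likely belongs in the filter table -- verify.
#iptables -t nat -A PREROUTING -p tcp --dport 80 -m string --string 'x-msn-messenger' -j DROP

# Allow TS (Terminal Services / RDP)
# The DNAT is limited to packets arriving on the WAN interface. Without -i it
# also rewrote LAN-originated connections to any port-3389 destination and
# pointed them at TS_HOST.
# NOTE(review): this publishes RDP to every source address on the WAN side;
# consider adding -s <ADMIN_SOURCE_PLACEHOLDER> or reaching the host over a VPN.
iptables -t nat -A PREROUTING -i "$WAN_IF" -p tcp --dport 3389 -j DNAT --to-destination "$TS_HOST"
# Accept only the forwarded RDP flow that the DNAT rule above produces,
# instead of any forwarded packet with destination port 3389.
iptables -A FORWARD -i "$WAN_IF" -p tcp -d "$TS_HOST" --dport 3389 -j ACCEPT

# Forwarded DNS, HTTPS and the 25000-30000 range, over both TCP and UDP.
# NOTE(review): these match any source, destination and interface, so they
# also apply to traffic arriving from the WAN side; the purpose of the
# 25000:30000 range is not stated -- confirm it is still needed.
iptables -A FORWARD -p tcp --dport 53 -j ACCEPT
iptables -A FORWARD -p udp --dport 53 -j ACCEPT
iptables -A FORWARD -p tcp --dport 443 -j ACCEPT
iptables -A FORWARD -p udp --dport 443 -j ACCEPT
iptables -A FORWARD -p tcp --dport 25000:30000 -j ACCEPT
iptables -A FORWARD -p udp --dport 25000:30000 -j ACCEPT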