#!/bin/sh # Set some variables # Why? So if anything changes, you don't have to change # every single instance of that IP in the script, you only have # to change it in one place, and rerun the script for it to # take effect. WEBSERVER="10.11.12.20" EXT_IP="1.2.3.5" # Flush all preexisting portforwarding rules ipmasqadm portfw -f # Do port forwarding for the server on ports 80 (http) and 443 (https) # Note for readability I use the actual service names instead of the # port numbers. Linux will automagically interpret the appropriate # ports from the /etc/services file. # Since the port forwarding code doesn't have anything like # the '-b' switch in ipchains (meaning bidirectional), we have # to make two separate statements for each port forwarded - # one for incoming, and one for outgoing ipmasqadm portfw -a -P tcp -L $EXT_IP http -R $WEBSERVER http ipmasqadm portfw -a -P tcp -L $WEBSERVER http -R $EXT_IP http ipmasqadm portfw -a -P tcp -L $EXT_IP https -R $WEBSERVER https ipmasqadm portfw -a -P tcp -L $WEBSERVER https -R $EXT_IP https