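#!/bin/bash
#
# Rainbow gateway helper: iptables NAT port-forwarding primitives.
#
# Required configuration (must be set before this file runs):
#   FWD_START_PORT   - first TCP port of the forwarding range
#   FWD_END_PORT     - last TCP port of the forwarding range
#   FWD_WAN_IP       - destination address matched in nat/PREROUTING
#   RAINBOW_STATEDIR - directory holding the persisted *forward* rule files
#
# Security-relevant behaviour:
#   * init_rainbow_rules executes every *forward* file found in
#     RAINBOW_STATEDIR with bash, so that directory is part of the trust
#     boundary of whatever account runs this helper.
#   * get_rainbow_fwdrule produces the command lines that end up in those
#     files, so it validates its arguments before emitting anything.

# Refuse to continue with an incomplete configuration. Diagnostics go to
# stderr so they never mix with data that callers capture from stdout.
if [ -z "$FWD_START_PORT" ] || [ -z "$FWD_END_PORT" ] ||
   [ -z "$FWD_WAN_IP" ] || [ -z "$RAINBOW_STATEDIR" ]; then
  echo "ERROR: Required configuration is missing. Please check configuration file." >&2
  exit 1
fi

#######################################
# Report whether the RAINBOW setup is in place.
# Returns: 0 when the nat/RAINBOW chain exists and nat/PREROUTING
#          mentions RAINBOW, 1 otherwise.
#######################################
check_rainbow_rules () {
  iptables -t nat -n --list RAINBOW >/dev/null 2>&1 || return 1
  iptables -t nat -S PREROUTING | grep -q RAINBOW || return 1
  return 0
}

#######################################
# Remove every nat/PREROUTING rule that mentions RAINBOW, then flush and
# delete the RAINBOW chain. Flush/delete errors are deliberately silenced
# so the function can be called when the chain does not exist.
#######################################
cleanup_rainbow_rules () {
  # -L 1: run one iptables invocation per listed rule. Without it xargs
  # packs all rules into a single command line, which iptables rejects as
  # soon as more than one PREROUTING rule matches, leaving stale rules.
  iptables -t nat -S PREROUTING | grep RAINBOW | sed 's/^-A/-D/' |
    xargs -r -L 1 iptables -t nat
  iptables -t nat -F RAINBOW >/dev/null 2>&1
  iptables -t nat -X RAINBOW >/dev/null 2>&1
}

#######################################
# Create the RAINBOW chain, steer the configured WAN address / port range
# into it, and replay the persisted forwarding rules.
# Globals: FWD_WAN_IP, FWD_START_PORT, FWD_END_PORT, RAINBOW_STATEDIR (read)
#######################################
init_rainbow_rules () {
  iptables -t nat -N RAINBOW
  iptables -t nat -A PREROUTING -d "$FWD_WAN_IP" -p tcp -m tcp -m multiport \
    --dports "${FWD_START_PORT}:${FWD_END_PORT}" -j RAINBOW
  # statedir has files like forward.3398, each containing an iptables command:
  # iptables -t nat -A RAINBOW -p tcp -m tcp --dport 30001 -j DNAT --to-destination 10.75.9.1:3389
  #
  # NOTE(review): every matching file is executed by bash with this
  # script's privileges, so anyone able to write into RAINBOW_STATEDIR can
  # run commands as that account. Keep the directory and its files owned by
  # and writable only for the account running this helper. -type f limits
  # execution to regular files; symlinks and other entries planted in the
  # directory are skipped.
  find "$RAINBOW_STATEDIR" -type f -name '*forward*' -exec bash {} \;
}

#######################################
# Print the lowest port in FWD_START_PORT..FWD_END_PORT that has no DNAT
# rule in the RAINBOW chain.
# Globals: FWD_START_PORT, FWD_END_PORT (read)
# Outputs: the free port on stdout; an error on stderr when none is left
# Returns: calls `exit 1` when the range is exhausted, which ends the
#          calling shell unless invoked inside a command substitution.
#######################################
get_next_fwd_port () {
  local nextport=${FWD_START_PORT}
  local port
  # Word splitting of the substitution is intended: sed emits only digit
  # strings, one per line, sorted ascending.
  for port in $( iptables -t nat -S RAINBOW |
      sed -n 's/.*--dport\s\+\([0-9]\+\)\s\+-j\sDNAT.*/\1/p' | sort -n ); do
    # Ignore ports below the candidate (rules outside the configured range
    # or duplicates); otherwise they would drag the candidate out of range.
    [ "$port" -lt "$nextport" ] && continue
    # First gap in the sorted list: the candidate is free.
    [ "$nextport" -lt "$port" ] && break
    nextport=$((port+1))
  done
  if [ "$nextport" -gt "${FWD_END_PORT}" ]; then
    echo "ERROR: No ports left to setup forwarding. Consider to configure wider port range for Rainbow GW helper" >&2
    exit 1
  fi
  echo "$nextport"
}

#######################################
# Print the iptables command that forwards a local port to a remote socket.
# Arguments: $1 - local TCP port (digits only)
#            $2 - DNAT destination, e.g. 10.75.9.1:3389
# Outputs:   the command line on stdout
# Returns:   0 on success, 1 when an argument fails validation
#######################################
get_rainbow_fwdrule () {
  local localport=$1
  local remotesock=$2
  # The emitted line is shell source (init_rainbow_rules runs such lines
  # from the state directory), so both values are restricted to the
  # characters an IPv4 DNAT rule needs. Anything else, including shell
  # metacharacters and whitespace, is rejected instead of being embedded.
  case $localport in
    ''|*[!0-9]*)
      echo "ERROR: invalid local port for forwarding rule" >&2
      return 1
      ;;
  esac
  case $remotesock in
    ''|*[!0-9.:-]*)
      echo "ERROR: invalid destination for forwarding rule" >&2
      return 1
      ;;
  esac
  echo "iptables -t nat -A RAINBOW -p tcp -m tcp --dport ${localport} -j DNAT --to-destination ${remotesock}"
}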