#!/bin/bash
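# Parse the command line: -a <ipaddress> is the only option and is mandatory.
#
# The optstring starts with ':' to put getopts in silent mode. Without it,
# getopts reports a missing argument as '?' and leaves OPTARG unset, so the
# ':' branch below could never run and the "Invalid option" message printed
# an empty option name.
while getopts ':a:' opt; do
  case "$opt" in
    a)
      ADDRESS="$OPTARG"
      ;;
    \?)
      echo "Invalid option -$OPTARG. usage: test -a [ipaddress]." >&2
      exit 1
      ;;
    :)
      echo "Option -$OPTARG requires an argument. usage: test -a [ipaddress]." >&2
      exit 1
      ;;
  esac
done
if [ -z "$ADDRESS" ]; then
  echo "usage: test -a [ipaddress]" >&2
  exit 1
fi

# ADDRESS is later passed to iptables by a script that modifies /etc and the
# kernel rule set, so accept nothing but a plain dotted-quad IPv4 address.
# This rejects whitespace, glob characters and leading dashes before the value
# gets anywhere near a command line.
ipv4_octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
ipv4_re="^${ipv4_octet}(\\.${ipv4_octet}){3}\$"
if ! [[ "$ADDRESS" =~ $ipv4_re ]]; then
  echo "Invalid address '$ADDRESS'. usage: test -a [ipaddress]." >&2
  exit 1
fi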

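# Set up the new eth1.
# ./interface is resolved against the current working directory, so fail
# early with a clear message instead of appending nothing and then running
# ifup against a configuration that was never written.
if [ ! -r ./interface ]; then
  echo "cannot read ./interface in the current directory" >&2
  exit 1
fi

# Append the stanza only once; a second run would otherwise duplicate it in
# /etc/network/interfaces.
# NOTE(review): presumably ./interface holds the eth1 stanza, since
# "ifup eth1" follows it -- confirm against the file.
if grep -Eq '^[[:space:]]*iface[[:space:]]+eth1([[:space:]]|$)' /etc/network/interfaces; then
  echo "eth1 is already defined in /etc/network/interfaces; not appending ./interface" >&2
else
  cat ./interface >> /etc/network/interfaces
fi
ifup eth1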

# Start from an empty rule set. "iptables -F" without a chain name flushes
# every chain of the filter table (INPUT and OUTPUT as well as FORWARD), so
# rules loaded before this script ran are removed. A flush does not change
# chain policies.
iptables -F
for nat_chain in POSTROUTING PREROUTING; do
  iptables -t nat -F "$nat_chain"
done

# Forwarding: hosts on the 192.168.1.0/24 LAN behind eth1 may open new
# connections out through eth0, and packets belonging to established or
# related connections are accepted in either direction.
# Both rules are ACCEPTs and no FORWARD policy is set in this script, so
# whatever else is forwarded (including the inbound connections redirected by
# the PREROUTING rules later in the script) depends on the FORWARD policy
# already in place on the host.
lan_net=192.168.1.0/24
iptables -A FORWARD -i eth1 -o eth0 -s "$lan_net" -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Outgoing NAT. MASQUERADE is meant for dynamic addresses; it is used here so
# that the script works for anyone, whatever address eth0 has.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

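# Publish RDP for the LAN hosts: TCP ports 3389-3395 arriving on eth0 for
# $ADDRESS are redirected to 192.168.1.2 - 192.168.1.8, port 3389. External
# port P maps to host 192.168.1.(P - 3387). For port 3389 the explicit
# ":3389" is equivalent to the original rule, which left the port unchanged.
#
# "$ADDRESS" is quoted because it comes from the command line and the script
# needs root: unquoted, whitespace or glob characters in the value would
# become extra iptables arguments.
#
# None of these rules has a -s match, so the published RDP ports accept
# connections from any source address; --sport 1024:65535 only excludes
# privileged source ports. Add a -s restriction here when the client
# addresses are known.
#
# A rule that fails to install stops the script, so that a partial rule set
# is not saved and made persistent by the steps that follow.
for ext_port in 3389 3390 3391 3392 3393 3394 3395; do
  lan_host="192.168.1.$((ext_port - 3387))"
  if ! iptables -t nat -A PREROUTING -i eth0 -p tcp -d "$ADDRESS" \
      --sport 1024:65535 --dport "$ext_port" \
      -j DNAT --to-destination "${lan_host}:3389"; then
    echo "failed to add DNAT rule for port $ext_port" >&2
    exit 1
  fi
done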

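# Save the configuration so it can be reloaded at boot. The redirection
# truncates /etc/iptables.sav before iptables-save runs, so a failure here
# would leave an empty or partial file to be restored on the next boot.
if ! iptables-save > /etc/iptables.sav; then
  echo "iptables-save failed; /etc/iptables.sav may be incomplete" >&2
  exit 1
fi

# Enable forwarding now (done after the rules are in place).
echo 1 > /proc/sys/net/ipv4/ip_forward

# Enable forwarding after a reboot by uncommenting the sysctl.conf line.
# The dots are escaped so that only the literal setting name matches.
sed -i 's/#net\.ipv4\.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
# sed exits 0 even when nothing matched, so check that the setting is there.
if ! grep -q '^[[:space:]]*net\.ipv4\.ip_forward=1' /etc/sysctl.conf; then
  echo "warning: net.ipv4.ip_forward=1 is not set in /etc/sysctl.conf; forwarding will be off after a reboot" >&2
fi

# Reload the saved rules at boot: the placeholder comment in /etc/rc.local is
# replaced by an iptables-restore call.
sed -i 's@# By default this script does nothing.@iptables-restore < /etc/iptables.sav@g' /etc/rc.local
# If rc.local does not contain that placeholder, nothing was written and the
# rules would be missing after a reboot; report it instead of staying silent.
if ! grep -qF 'iptables-restore < /etc/iptables.sav' /etc/rc.local; then
  echo "warning: /etc/rc.local does not restore /etc/iptables.sav; rules will not be reloaded after a reboot" >&2
fi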


