Port forwarding


#wg
#Si presume che il nome dell'intefaccia wg sia wg0
network=tun0
echo "Ciao, quale porta desideri aprire?"
read BASE
echo "Inserisci l'ip del tuo client connesso"
read client
echo "Inserisci l'ip dell'interfaccia wg0"
#Se script di Nyr, 10.7.0.1
read sources
#echo "Inserisci il nome della rete virtuale della tua vpn"
#read network
echo "Inserisci il nome della scheda di rete primaria del tuo server"
read lnetwork
iptables -A FORWARD -i $lnetwork -o $network -p tcp --syn --dport "$BASE" -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i $lnetwork -o $network -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $network -o $lnetwork -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -i $lnetwork -p tcp --dport "$BASE" -j DNAT --to-destination $client
iptables -t nat -A POSTROUTING -o $network -p tcp --dport "$BASE" -d "$client" -j SNAT --to-source $sources

#wireguard

    iptables -A FORWARD -i eth0 -o wg0 -p tcp --syn --dport 22 -m conntrack --ctstate NEW -j ACCEPT
    iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j DNAT --to-destination 10.7.0.2
    iptables -t nat -A POSTROUTING -o wg0 -p tcp --dport 22 -d 10.7.0.2 -j SNAT --to-source 10.7.0.1
    
**#Per substrate parti da qui !!!**
    iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i eth0 -o wg0 -p tcp --syn --dport 8000 -m conntrack --ctstate NEW -j ACCEPT
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8000 -j DNAT --to-destination 10.7.0.2
    iptables -t nat -A POSTROUTING -o wg0 -p tcp --dport 8000 -d 10.7.0.2 -j SNAT --to-source 10.7.0.1
    iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i eth0 -o wg0 -p tcp --syn --dport 30334 -m conntrack --ctstate NEW -j ACCEPT
    iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 30334 -j DNAT --to-destination 10.7.0.2
    iptables -t nat -A POSTROUTING -o wg0 -p tcp --dport 30334 -d 10.7.0.2 -j SNAT --to-source 10.7.0.1
    iptables -A FORWARD -i eth0 -o wg0 -p tcp --syn --dport 9933 -m conntrack --ctstate NEW -j ACCEPT
    iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9933 -j DNAT --to-destination 10.7.0.2
    iptables -t nat -A POSTROUTING -o wg0 -p tcp --dport 9933 -d 10.7.0.2 -j SNAT --to-source 10.7.0.1
    iptables -A FORWARD -i eth0 -o wg0 -p tcp --syn --dport 9944 -m conntrack --ctstate NEW -j ACCEPT
    iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9944 -j DNAT --to-destination 10.7.0.2
    iptables -t nat -A POSTROUTING -o wg0 -p tcp --dport 9944 -d 10.7.0.2 -j SNAT --to-source 10.7.0.1
    iptables -A FORWARD -i eth0 -o wg0 -p tcp --syn --dport 9945 -m conntrack --ctstate NEW -j ACCEPT
    iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9945 -j DNAT --to-destination 10.7.0.2
    iptables -t nat -A POSTROUTING -o wg0 -p tcp --dport 9945 -d 10.7.0.2 -j SNAT --to-source 10.7.0.1

#openvpn
#!/bin/bash
apt-get install curl -y
IP=$(curl ifconfig.co)
iptables -t nat -I PREROUTING 1 -d $IP -p tcp --dport 30333 -j DNAT --to-dest 10.8.0.2:30333
iptables -t nat -I POSTROUTING 1 -d 10.8.0.2 -p tcp --dport 30333 -j SNAT --to-source 10.8.0.1
iptables -I FORWARD 1 -d 10.8.0.2 -p tcp --dport 30333 -j ACCEPT

iptables -t nat -I PREROUTING 1 -d $IP -p tcp --dport 30334 -j DNAT --to-dest 10.8.0.2:30334
iptables -t nat -I POSTROUTING 1 -d 10.8.0.2 -p tcp --dport 30334 -j SNAT --to-source 10.8.0.1
iptables -I FORWARD 1 -d 10.8.0.2 -p tcp --dport 30334 -j ACCEPT

iptables -t nat -I PREROUTING 1 -d $IP -p tcp --dport 9933 -j DNAT --to-dest 10.8.0.2:9933
iptables -t nat -I POSTROUTING 1 -d 10.8.0.2 -p tcp --dport 9933 -j SNAT --to-source 10.8.0.1
iptables -I FORWARD 1 -d 10.8.0.2 -p tcp --dport 9933 -j ACCEPT

iptables -t nat -I PREROUTING 1 -d $IP -p tcp --dport 9934 -j DNAT --to-dest 10.8.0.2:9934
iptables -t nat -I POSTROUTING 1 -d 10.8.0.2 -p tcp --dport 9934 -j SNAT --to-source 10.8.0.1
iptables -I FORWARD 1 -d 10.8.0.2 -p tcp --dport 9934 -j ACCEPT

iptables -t nat -I PREROUTING 1 -d $IP -p tcp --dport 9944 -j DNAT --to-dest 10.8.0.2:9944
iptables -t nat -I POSTROUTING 1 -d 10.8.0.2 -p tcp --dport 9944 -j SNAT --to-source 10.8.0.1
iptables -I FORWARD 1 -d 10.8.0.2 -p tcp --dport 9944 -j ACCEPT

iptables -t nat -I PREROUTING 1 -d $IP -p tcp --dport 9945 -j DNAT --to-dest 10.8.0.2:9945
iptables -t nat -I POSTROUTING 1 -d 10.8.0.2 -p tcp --dport 9945 -j SNAT --to-source 10.8.0.1
iptables -I FORWARD 1 -d 10.8.0.2 -p tcp --dport 9945 -j ACCEPT

#Kill switdh openvpn 
#!/bin/bash
iptables --flush
iptables --delete-chain
iptables -t nat --flush
iptables -t nat --delete-chain
iptables -P OUTPUT DROP
iptables -A INPUT -j ACCEPT -i lo
iptables -A OUTPUT -j ACCEPT -o lo
iptables -A OUTPUT -j ACCEPT -d 94.154.1.125/32 -o wlp6s0 -p udp -m udp --dport 8080
iptables -A INPUT -j ACCEPT -s 94.154.1.125/32 -i wlp6s0 -p udp -m udp --sport 8080
iptables -A INPUT -j ACCEPT -i tun0
iptables -A OUTPUT -j ACCEPT -o tun0

# Forward della sola 30333
iptables -t nat -A PREROUTING -p tcp --dport 30333 -j DNAT --to-destination 87.98.160.114:30333 
iptables -t nat -A POSTROUTING -p tcp -d 87.98.160.114 --dport 30333 -j SNAT --to-source 185.213.22.238
echo 1 > /proc/sys/net/ipv4/ip_forward