iptablesÅäÖÃtcp¶Ë¿Úת·¢

# example:
#iptables -t nat -A PREROUTING -p tcp --dport 1111 -j DNAT --to-destination 192.168.1.10:8022
#iptables -t nat -A POSTROUTING -d 192.168.1.10 -p tcp --dport 8022 -j MASQUERADE

tcp_port_forward()
{
PROTOCOL=$1 
SERVERPORT=$2
DHOST=$3 
DPORT=$4
echo "$1, $2, $3, $4"
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING  -p $PROTOCOL --dport $SERVERPORT -j DNAT --to-destination $DHOST:$DPORT
iptables -t nat -A POSTROUTING -d $DHOST -p $PROTOCOL --dport $DPORT -j MASQUERADE

echo "redirect_port end."
}
clean_tcp_port_forward()
{
No=$1 

iptables -t nat  -D POSTROUTING $No
iptables -t nat  -D PREROUTING $No
echo "clean  no $No."

}
usage()
{
echo "Usage: $0 PROTOCOL/-d SERVER-PORTD/no HOST DPORT "
echo "example1: $0 tcp 443 192.168.1.123 8043"
echo " Visit this host on port 8043 equal vist 192.168.1.20:443"
echo "example2:"
echo " $0 tcp -d 1 "
echo " Clean previous rules"
echo "Notes: please make sure net.ipv4.ip_forward=1 in /etc/sysctl.conf and run \"sysctl -p\" to apply changes"
}

if [ $# -ne 4 ]; then 
if [ $# -ne 2 ]; then
  usage 
  exit 
fi 
fi 

if [ "$1" == "-d" ]; then
  clean_tcp_port_forward$2;
else
  sysctl -w net.ipv4.ip_forward=1
  tcp_port_forward$1 $2 $3 $4;
fi