2024-10-21 18:29:51 +03:00
|
|
|
TP_PORT=900
|
|
|
|
TP_USER=daemon
|
|
|
|
|
2024-10-21 20:50:28 +03:00
|
|
|
EXCLUDE4="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16"
|
|
|
|
EXCLUDE6="fc00::/7 fe80::/10"
|
|
|
|
|
2024-10-21 18:29:51 +03:00
|
|
|
exists()
|
|
|
|
{
|
|
|
|
which "$1" >/dev/null 2>/dev/null
|
|
|
|
}
|
|
|
|
|
|
|
|
ipt()
|
|
|
|
{
|
2024-10-21 20:50:28 +03:00
|
|
|
$IPTABLES -C "$@" >/dev/null 2>/dev/null || $IPTABLES -I "$@"
|
2024-10-21 18:29:51 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
redirect_port()
|
|
|
|
{
|
2024-10-21 20:50:28 +03:00
|
|
|
ipt tpws -t nat -p tcp --dport $1 -j REDIRECT --to-port $2
|
2024-10-21 18:29:51 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
redirect()
|
|
|
|
{
|
|
|
|
redirect_port 80 $TP_PORT
|
|
|
|
redirect_port 443 $TP_PORT
|
|
|
|
}
|
|
|
|
|
|
|
|
for IPTABLES in iptables ip6tables; do
|
2024-10-21 20:50:28 +03:00
|
|
|
$IPTABLES -t nat -N tpws 2>/dev/null
|
|
|
|
$IPTABLES -t nat -F tpws
|
2024-10-21 20:54:22 +03:00
|
|
|
redirect
|
2024-10-21 18:29:51 +03:00
|
|
|
done
|
2024-10-21 20:50:28 +03:00
|
|
|
|
|
|
|
for net in $EXCLUDE4
|
|
|
|
do
|
|
|
|
iptables -t nat -I tpws -d $net -j RETURN
|
|
|
|
done
|
|
|
|
for net in $EXCLUDE6
|
|
|
|
do
|
|
|
|
ip6tables -t nat -I tpws -d $net -j RETURN
|
|
|
|
done
|
|
|
|
|
|
|
|
for IPTABLES in iptables ip6tables; do
|
|
|
|
ipt PREROUTING -t nat -j tpws
|
|
|
|
ipt OUTPUT -t nat -m owner ! --uid-owner $TP_USER -j tpws
|
|
|
|
done
|