#!/bin/sh
netip=$1
cncip=$2
internal=$3
endip=$4
#netip to internal
for ((a=2;a<=$endip;a++))
do
for fwsm in 22 21 80 1433 3306 3389
do
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $(($a*1000+$fwsm)) -j DNAT --to-destination $internal.$a:$fwsm" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $(($a*1000+$fwsm)) -j DNAT --to-destination $internal.$a:$fwsm" >> 1.txt
done
done
#add ftp port
for ((a=2;a<=endip;a++))
do
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50000+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50000+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50000+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50000+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50001+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50001+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50001+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50001+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50002+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50002+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50002+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50002+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50003+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50003+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50003+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50003+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50004+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50004+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50004+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50004+($a-2)*5))" >> 1.txt
done
netip=$1
cncip=$2
internal=$3
endip=$4
#netip to internal
for ((a=2;a<=$endip;a++))
do
for fwsm in 22 21 80 1433 3306 3389
do
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $(($a*1000+$fwsm)) -j DNAT --to-destination $internal.$a:$fwsm" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $(($a*1000+$fwsm)) -j DNAT --to-destination $internal.$a:$fwsm" >> 1.txt
done
done
#add ftp port
for ((a=2;a<=endip;a++))
do
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50000+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50000+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50000+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50000+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50001+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50001+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50001+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50001+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50002+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50002+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50002+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50002+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50003+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50003+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50003+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50003+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $netip/32 -p tcp -m tcp --dport $((50004+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50004+($a-2)*5))" >> 1.txt
echo "-A PREROUTING -d $cncip/32 -p tcp -m tcp --dport $((50004+($a-2)*5)) -j DNAT --to-destination $internal.$a:$((50004+($a-2)*5))" >> 1.txt
done
-A POSTROUTING -s 192.168.0.0/24 -o br0 -j MASQUERADE
