
script to create redirections for every port

Fabio Arnold 9 years ago
parent
commit
e17b7c94e1
1 changed files with 17 additions and 0 deletions
  1. 17 0
      assets/payload/redirect-ports.sh

+ 17 - 0
assets/payload/redirect-ports.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+# redirects ports below 1024 to a higher range using iptables, so they can be used without elevated rights
+# MySQL SIP (3306 and 5060) are left out because they are >= 1024 anyways
+
+#             ECHO  FTP   HTTP  HTTPS SMB (NETBIOS UDP & TCP) SSH   TELNET
+protocol=(    "tcp" "tcp" "tcp" "tcp" "udp" "udp" "tcp" "tcp" "tcp" "tcp" )
+origin=(       7     21    80    443   137   138   137   139   22    23   )
+destination=( 28144 28169 28217 28580 28274 28275 28274 28276 28159 28160 ) # simply offset by 1024 + 27113
+length=${#protocol[@]} # count protocol elements
+
+for (( i=0; i<$length; i++ ))
+do
+	# echo ${protocol[$i]} ${origin[$i]} ${destination[$i]} # debug
+	iptables -t nat -A PREROUTING -p ${protocol[$i]} --dport ${origin[$i]} -j REDIRECT --to-ports ${destination[$i]}
+	iptables -t nat -A OUTPUT -p ${protocol[$i]} --dport ${destination[$i]} -j REDIRECT --to-ports ${origin[$i]}
+done
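Review bot: The FTP entry in `destination` is 28169, but the offset stated in the comment (1024 + 27113 = 28137) gives 21 + 28137 = 28158, and every other entry matches that offset; unless the FTP listener deliberately binds 28169, this looks like a typo that would send port 21 to a port with no listener. The OUTPUT rule also appears inverted relative to the PREROUTING rule: it rewrites locally generated traffic aimed at the high port back to the privileged port, so if on-host connections are meant to reach the unprivileged listener it should read `iptables -t nat -A OUTPUT -p "${protocol[$i]}" --dport "${origin[$i]}" -j REDIRECT --to-ports "${destination[$i]}"`, and otherwise a comment should explain the reversed direction. Both rules use `-A` unconditionally, so every run appends another copy; prefixing each with the matching `iptables -t nat -C ... 2>/dev/null ||` check keeps the nat table idempotent. The PREROUTING rule has no `-i` interface match, so port 22 is diverted on every interface, and a comment should note that management SSH has to listen on a different port.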