#!/bin/bash
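# Turns this host into an IPv4 NAT gateway: clients reached through $INTIF are
# masqueraded out of $EXTIF. IPv6 is not routed; forwarded IPv6 packets are
# logged and then dropped by the FORWARD policy.
# Must run as root (loads kernel modules, writes sysctls, rewrites netfilter rules).
IPTABLES=iptables
IPTABLES6=ip6tables

# Print a message to stderr and abort. The original script called fail without
# defining it, so a failed write to ip_forward only produced "command not
# found" and the rules were still installed.
fail() {
  printf '%s\n' "$*" >&2
  exit 1
}

set -x

# Logging back-ends for the LOG target. The ipt_*/ip6t_* names are the legacy
# modules and may be absent on current kernels; a failed modprobe is not fatal.
modprobe ipt_LOG # old?
modprobe ip6t_LOG # old?
modprobe nf_log_ipv4
modprobe nf_log_ipv6
# Bind a logger per protocol family (2 = AF_INET, 10 = AF_INET6).
sysctl net.netfilter.nf_log.2=nf_log_ipv4
sysctl net.netfilter.nf_log.10=nf_log_ipv6

echo 1 > /proc/sys/net/ipv4/ip_forward || fail "Can not set IP forwarding"

echo " Clearing any existing rules and setting default policy.."
# INPUT and OUTPUT stay default-ACCEPT: this script does not filter traffic
# addressed to the gateway itself. Only FORWARD is default-DROP.
"$IPTABLES" -P INPUT ACCEPT
"$IPTABLES" -F INPUT
"$IPTABLES" -P OUTPUT ACCEPT
"$IPTABLES" -F OUTPUT
"$IPTABLES" -P FORWARD DROP
"$IPTABLES" -F FORWARD
"$IPTABLES" -t nat -F
"$IPTABLES" -t raw -F
"$IPTABLES6" -P INPUT ACCEPT
"$IPTABLES6" -F INPUT
"$IPTABLES6" -P OUTPUT ACCEPT
"$IPTABLES6" -F OUTPUT
"$IPTABLES6" -P FORWARD DROP
"$IPTABLES6" -F FORWARD
"$IPTABLES6" -t nat -F
"$IPTABLES6" -t raw -F

EXTIF="ens3" # my NIC that connects into Gateway to Internet
INTIF="galaxy1" # the tuntap - my NIC that connects into the Client(s) that want to NAT through me

echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
# Log forwarded IPv6 packets before the DROP policy discards them.
# NOTE(review): this LOG rule has no rate limit, so a noisy peer can fill the
# kernel log; consider adding a limit match.
"$IPTABLES6" -A FORWARD -j LOG
"$IPTABLES" -t nat -A POSTROUTING -o "$EXTIF" -j MASQUERADE # ***

# Redundant while the INPUT/OUTPUT policies are ACCEPT; kept so the tunnel
# keeps working if those policies are tightened later.
"$IPTABLES" -A INPUT -i "$INTIF" -j ACCEPT
"$IPTABLES" -A OUTPUT -o "$INTIF" -j ACCEPT

# The original ended with an unconditional "-A FORWARD -j ACCEPT", which
# cancels the DROP policy and lets the host route between any two interfaces
# in either direction. Forward only what the NAT setup needs: new flows from
# the clients towards the uplink, and replies to those flows coming back.
"$IPTABLES" -A FORWARD -i "$INTIF" -o "$EXTIF" -j ACCEPT
"$IPTABLES" -A FORWARD -i "$EXTIF" -o "$INTIF" \
  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT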