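#!/bin/sh
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# On this host the script rebuilds the iptables ruleset for a Linux ISG
# gateway: it flushes the filter and nat tables, hands forwarded
# subscriber traffic to the ISG target, source-NATs the subscriber
# network, and DNATs TCP/80 for sessions matching selected ISG services.

# Abort on the first failing command. The option is set here instead of
# on the shebang line so that it still applies when the file is run as
# "sh rc.local", where shebang options are ignored.
set -e

readonly SUBSCRIBER_NET='10.0.0.0/24'
readonly WAN_IF='eth0'
readonly SNAT_ADDR='192.168.0.252'
readonly REDIRECT_ADDR='192.168.0.250'

# Flush
# --flush deletes rules only: chain policies are left unchanged, and
# tables other than filter and nat (e.g. mangle, raw) are not touched.
# NOTE(review): no chain policy is set anywhere in this script, so what
# happens to forwarded traffic outside SUBSCRIBER_NET depends on the
# existing FORWARD policy - confirm that is the intended posture.
iptables --flush
iptables --flush -t nat

# Linux ISG rules
# Installed before the NAT rules on purpose: if the ISG target cannot be
# loaded, "set -e" stops the script here, before the subscriber network
# has been given SNAT, instead of leaving NAT in place with no ISG rule
# in FORWARD. The resulting ruleset on success is the same either way,
# because these rules live in a different table from the NAT rules.
iptables -A FORWARD -s "$SUBSCRIBER_NET" -j ISG --session-init
iptables -A FORWARD -d "$SUBSCRIBER_NET" -j ISG

# NAT
iptables -t nat -A POSTROUTING -s "$SUBSCRIBER_NET" -o "$WAN_IF" \
  -j SNAT --to-source "$SNAT_ADDR"

# L4 Redirects
# One DNAT rule per ISG service name, appended in the order listed.
# Only TCP destination port 80 is matched; other ports are not redirected.
for service_name in OFF-LINE PASSIVE DOWN; do
  iptables -t nat -A PREROUTING -p tcp --dport 80 \
    -m isg --service-name "$service_name" \
    -j DNAT --to-destination "$REDIRECT_ADDR"
done

exit 0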