{{{ IF=$1 PUBIP=$2 MASK=$3 PRIVIP=$4 /sbin/ip addr add $PUBIP/$MASK dev $IF #/sbin/iptables -t nat -A PREROUTING -i $IF -d $PUBIP -j DNAT --to $PRIVIP #/sbin/iptables -t nat -A POSTROUTING -o $IF -s $PRIVIP -j SNAT --to $PUBIP /sbin/iptables -t nat -A PREROUTING -d $PUBIP -j DNAT --to $PRIVIP /sbin/iptables -t nat -A POSTROUTING -s $PRIVIP -j SNAT --to $PUBIP if [ $# -eq 5 ];then TABLE=$5 /sbin/ip rule add from $PRIVIP table $TABLE fi }}} {{{ ./pubip-up eth0 10.172.0.42 24 192.168.222.42 }}} {{{ /sbin/brctl addbr vbr2 /sbin/brctl setfd vbr2 0 /sbin/ifconfig vbr2 192.168.222.1 netmask 255.255.255.0 promisc up /sbin/iptables -t nat -A POSTROUTING -o vbr0 -j MASQUERADE }}} {{{ ./vbr2-up }}} {{{ /sbin/iptables -t nat -D POSTROUTING -o vbr0 -j MASQUERADE /sbin/ifconfig vbr2 down /sbin/brctl delbr vbr2 }}} {{{ ./vbr2-down }}}