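#!/bin/sh
### BEGIN INIT INFO
# Provides: bridge
# Required-Start: network
# Should-Start:
# Required-Stop:
# Should-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: bridge
# Description: Start bridge
### END INIT INFO
#
# Init script for a small IPv4 NAT gateway.
#   start   - flush all iptables rules, enable IPv4 forwarding, install the
#             SNAT/DNAT/MASQUERADE rules below
#   stop    - flush all iptables rules and reset the filter policies to ACCEPT
#   restart - stop followed by start
#
# NOTE(review): every filter policy is ACCEPT in both states, so this script
# performs address translation only and filters nothing. While forwarding is
# enabled the host routes any packet it receives. If filtering is intended,
# a default-deny FORWARD policy with explicit allow rules would be needed.
# NOTE(review): only iptables (IPv4) is configured here; ip6tables is not
# touched by this script.

. /etc/rc.status
rc_reset

# Interface names and addresses used by the NAT rules.
INTDEV="br1"          # internal bridge; currently not referenced by any rule
EXTDEV="eth0"         # external (uplink) interface
INTERN=10.0.0.10      # internal host that is published to the outside
EXTERN=193.170.221.4  # public address used for SNAT and matched for DNAT
readonly INTDEV EXTDEV INTERN EXTERN

# Run iptables with the given arguments and fold its exit status into the
# overall result via rc_status, so that a rule that failed to load is not
# hidden by a later command that succeeded.
ipt() {
  iptables "$@"
  rc_status
}

# Flush and delete all chains in the filter, nat and mangle tables and set
# the filter policies to ACCEPT. This also removes rules installed by any
# other tool on the host.
reset_rules() {
  ipt -F
  ipt -X
  ipt -t nat -F
  ipt -t nat -X
  ipt -t mangle -F
  ipt -t mangle -X
  ipt -P INPUT ACCEPT
  ipt -P FORWARD ACCEPT
  ipt -P OUTPUT ACCEPT
}

case "$1" in
  start)
    printf '%s' "Starting bridge "
    #################################
    reset_rules

    # NOTE(review): forwarding is switched on here and is not switched off
    # again by "stop".
    echo 1 > /proc/sys/net/ipv4/ip_forward
    rc_status

    ## NAT rules ##
    # Outbound access: traffic from the internal host leaving through the
    # external interface gets the public address as its source.
    ipt -t nat -A POSTROUTING -o "$EXTDEV" -s "$INTERN" \
      -j SNAT --to-source "$EXTERN"

    # Inbound access: the listed TCP ports on the public address are
    # redirected to the internal host.
    # NOTE(review): port 53 is forwarded for TCP only; if the internal host
    # is meant to serve DNS, UDP queries are not covered - confirm intent.
    ipt -t nat -A PREROUTING -i "$EXTDEV" -p tcp -d "$EXTERN" \
      -m multiport --dport 25,53,80,110,443,8080 \
      -j DNAT --to-destination "$INTERN"

    ## Firewall rules ##
    # Accept all established connections.
    # NOTE(review): with the FORWARD policy set to ACCEPT this rule changes
    # nothing. "-m state" is the legacy match; "-m conntrack --ctstate" is
    # the current equivalent.
    ipt -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # NOTE(review): no "-o" restriction, so everything not caught by the
    # SNAT rule is masqueraded on every interface. That includes the
    # DNAT-ed connections towards the internal host, which will then see
    # the gateway's address instead of the real client address in its logs.
    ipt -t nat -A POSTROUTING -j MASQUERADE
    #################################
    rc_status -v
    ;;
  stop)
    printf '%s' "Shutting down bridge "
    reset_rules
    #################################
    rc_status -v
    ;;
  restart)
    "$0" stop
    "$0" start
    rc_status
    ;;
  *)
    echo "Usage: $0 {start|stop|restart}"
    exit 1
    ;;
esac
rc_exit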