Initial commit – AufmaßCreater v2.35

2026-06-10 11:03:43 +02:00
commit 84c933ea9c
2823 changed files with 490495 additions and 0 deletions
@@ -0,0 +1,28 @@
+#!/bin/bash
+# NetBird iptables rules - add only, no flush to preserve Docker rules
+
+# DNAT rules for incoming traffic (only from vmbr0/external)
+iptables -t nat -C PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to-destination 192.168.222.111:80 2>/dev/null || \
+  iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to-destination 192.168.222.111:80
+
+iptables -t nat -C PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to-destination 192.168.222.111:443 2>/dev/null || \
+  iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to-destination 192.168.222.111:443
+
+iptables -t nat -C PREROUTING -i vmbr0 -p udp --dport 3478 -j DNAT --to-destination 192.168.222.111:3478 2>/dev/null || \
+  iptables -t nat -A PREROUTING -i vmbr0 -p udp --dport 3478 -j DNAT --to-destination 192.168.222.111:3478
+
+# FORWARD rules for container traffic
+iptables -C FORWARD -p tcp -d 192.168.222.111 --dport 80 -j ACCEPT 2>/dev/null || \
+  iptables -A FORWARD -p tcp -d 192.168.222.111 --dport 80 -j ACCEPT
+
+iptables -C FORWARD -p tcp -d 192.168.222.111 --dport 443 -j ACCEPT 2>/dev/null || \
+  iptables -A FORWARD -p tcp -d 192.168.222.111 --dport 443 -j ACCEPT
+
+iptables -C FORWARD -p udp -d 192.168.222.111 --dport 3478 -j ACCEPT 2>/dev/null || \
+  iptables -A FORWARD -p udp -d 192.168.222.111 --dport 3478 -j ACCEPT
+
+# Ensure MASQUERADE exists for container outbound traffic
+iptables -t nat -C POSTROUTING -s 192.168.222.0/24 -o vmbr0 -j MASQUERADE 2>/dev/null || \
+  iptables -t nat -A POSTROUTING -s 192.168.222.0/24 -o vmbr0 -j MASQUERADE
+
+echo ok