#!/bin/sh

sudo iptables -F
sudo iptables -A PREROUTING -t nat -p tcp --dport 80 -j DNAT --to-destination :5555
sudo iptables -A POSTROUTING -t nat -p tcp --dport 5555 -j SNAT --to-source :80
sudo iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "prerules: " --log-level debug
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5555 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "postrules: " --log-level debug
sudo iptables -P INPUT DROP