old-firewall/rules/11-q3k-forwards

#!/bin/bash
rules() {
    # xpsp3 rdp
    # 16283 -> 10.24.17.1:3389 
    iptables -t nat $flag PREROUTING -i ${IF_WAN} -d ${HOST_KASHA_WAN} -p tcp --dport 16283 -j DNAT --to-destination 10.24.17.1:3389
    iptables -t filter $flag FORWARD -i ${IF_WAN} -d 10.24.17.1 -p tcp --dport 3389 -j ACCEPT
    iptables -t filter $flag FORWARD -i ${IF_WAN} -d 10.24.16.1 -p tcp --dport 22 -j ACCEPT
    iptables -t nat $flag PREROUTING -i ${IF_WAN} -d ${HOST_KASHA_WAN} -p tcp --dport 16284 -j DNAT --to-destination 10.24.16.1:22

}