aboutsummaryrefslogtreecommitdiff
path: root/doc/le-iptables.sh
blob: 28cecaea8b7391a5d8ed1ab618d8f52a831af28a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
#!/bin/sh

for host in outbound1.letsencrypt.org outbound2.letsencrypt.org; do
	for port in 80 443; do
		dest=$((port+8000))
		iptables --table nat --append PREROUTING --protocol tcp \
			--source $host --dport $port --jump REDIRECT --to-ports $dest
	done
done

iptables --table filter --append INPUT --protocol tcp \
	--match multiport --dports 8080,8443 --jump ACCEPT