# set-spoofports.sh
# Firewall rules for Portspoof
#! /bin/bash

# Ports 20-22, 25, 53, 80, 110, 111, 123, 443, 465, 587, 892, 2049, 8080, 32803 are "legitimate", all others are "sticky"
spoofPorts="1:19 23:24 26:52 54:79 81:109 112:122 124:442 444:464 466:586 588:891 893:2048 2050:8079 8081:32800 32801:65535"

for prange in ${spoofPorts}; do
   iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport ${prange} -j REDIRECT --to-ports 4444
done