Cool 'n Simple IPTables Firewall Script - see the FIXME
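#!/bin/bash
# Minimal IPv4 NAT gateway firewall: stateful filtering on INPUT/FORWARD,
# masquerading out of the WAN link, transparent HTTP proxying and one UDP
# port forward.
#
# Review caveats:
#  - Only IPv4 is handled here; IPv6 needs separate ip6tables rules.
#  - The built-in chain policies are never set, so between the flush and the
#    point where the rules below are loaded the existing policies apply
#    (ACCEPT unless changed elsewhere).
#  - Must run as root.

# WAN (internet-facing) interface.
inet=ppp0
# LAN-side interface whose web traffic is sent to the local proxy.
lan=br0
# Use one absolute path for every call instead of mixing it with PATH lookup.
ipt=/sbin/iptables

echo Flushing tables...
"$ipt" -t nat -F
"$ipt" -F
# -F empties chains but keeps user-defined ones; without -X the "-N block"
# below fails on every re-run because the chain already exists.
"$ipt" -X

echo Activating Firewall...
"$ipt" -N block
# Replies to, and traffic related to, connections that are already tracked.
"$ipt" -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
# New connections are accepted only when they do NOT arrive on the WAN side.
# The "!" goes before -i; the "-i ! iface" form is deprecated.
"$ipt" -A block -m state --state NEW ! -i "$inet" -j ACCEPT
# Everything else is logged, then dropped. The LOG rule is unthrottled;
# consider "-m limit" and "--log-prefix" so a scan cannot flood the logs.
"$ipt" -A block -j LOG
"$ipt" -A block -j DROP
"$ipt" -A INPUT -j block
"$ipt" -A FORWARD -j block

echo Enabling IP Forwarding...
echo "1" > /proc/sys/net/ipv4/ip_forward

# Optional: full incoming access for one trusted source. The rule has to sit
# ahead of the LOG/DROP rules in "block"; appended with -A at this point it
# would land after DROP and never match, hence -I.
#friendlynet=xx.xx.xx.xx/32
#echo Allowing $friendlynet full incoming access...
#"$ipt" -I block -s $friendlynet -j ACCEPT

allowport=80
#echo Allowing incoming connections on port $allowport...
#/sbin/iptables *** -FIXME ***
# NOTE(review): whatever rule fills in the FIXME must also be inserted before
# the LOG/DROP rules in "block" to have any effect.

echo Activating Masquerading...
"$ipt" -t nat -A POSTROUTING -o "$inet" -j MASQUERADE

echo Activating Transparent Proxying...
# Kept on one line: the page's line wrap had split off "--to-port 3128", and
# REDIRECT without --to-port keeps the original destination port (80).
"$ipt" -t nat -A PREROUTING -i "$lan" -p tcp --dport 80 -j REDIRECT --to-port 3128

# Disabled port-forward examples (wrapped continuation lines re-joined so the
# stray "--to-dest" fragments no longer run as commands).
#ports=666:668
#dest=192.168.0.95
#
#echo Forwarding ports $ports to $dest...
#iptables -t nat -A PREROUTING -i $inet -p udp --dport $ports -j DNAT --to-destination $dest
#iptables -A FORWARD -p udp -i $inet --dport $ports -d $dest -j ACCEPT
#
#ports=27001
#dest=192.168.0.95
#
#echo Forwarding ports $ports to $dest...
#iptables -t nat -A PREROUTING -i $inet -p udp --dport $ports -j DNAT --to-destination $dest
#iptables -A FORWARD -p udp -i $inet --dport $ports -d $dest -j ACCEPT

ports=27001
dest=192.168.0.4
echo Forwarding udp ports "$ports" to "$dest"...
# DNAT requires its target address on the same command line.
"$ipt" -t nat -A PREROUTING -i "$inet" -p udp --dport "$ports" -j DNAT --to-destination "$dest"
# NOTE(review): the rewritten packets still traverse FORWARD, where "block"
# drops NEW traffic arriving on $inet, so this forward stays closed until a
# matching ACCEPT is placed ahead of the jump to "block". The disabled rule
# below uses -A and would land after that jump; it would need -I instead.
# Left disabled as in the original so no new exposure is opened implicitly.
#iptables -A FORWARD -p udp -i $inet --dport $ports -d $dest -j ACCEPT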