
Untitled

a guest
Nov 1st, 2014
  1. #!/bin/sh
  2.  
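  PATH=/usr/sbin:/sbin:/bin:/usr/bin

  # NAT gateway firewall: flushes the existing iptables rules, accepts
  # traffic to the router from the inside, forwards and masquerades LAN
  # traffic out of the outside interface, and rejects forwarding that is
  # initiated from the outside.
  #
  # Interface roles.
  # NOTE(review): the original rules disagreed about which interface is the
  # outside one. The masquerade rule and the "outgoing from the LAN" rule
  # treat eth0 as outside, while the INPUT NEW rule and the final REJECT
  # treated eth1 as outside. As written, that accepted new connections to
  # the router arriving on eth0, and the REJECT could never match because
  # the identical eth1 -> eth0 ACCEPT precedes it. This version follows the
  # NAT rule (eth0 = outside). Swap the two values if the wiring is the
  # other way round.
  WAN_IF=eth0
  LAN_IF=eth1

  #
  # Delete all existing rules and user-defined chains.
  #
  # NOTE(review): -F and -X do not touch chain policies, and this script
  # never sets them (iptables -P). If the INPUT policy is ACCEPT, the INPUT
  # ACCEPT rules below restrict nothing. Confirm the policies are set to
  # DROP elsewhere, or add them here once you have checked that doing so
  # will not cut off your own management session.
  #
  iptables -F
  iptables -t nat -F
  iptables -t mangle -F
  iptables -X
  iptables -t nat -X
  iptables -t mangle -X

  # Always accept loopback traffic.
  iptables -A INPUT -i lo -j ACCEPT

  # Allow established connections, and new ones that do not arrive on the
  # outside interface. The negation goes before -i; the older "-i ! IFACE"
  # spelling is deprecated.
  iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  iptables -A INPUT -m state --state NEW ! -i "$WAN_IF" -j ACCEPT

  # Let replies to LAN-initiated connections back in through the gateway.
  iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT

  # Allow outgoing connections from the LAN side.
  iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -j ACCEPT

  # Masquerade.
  iptables -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE

  # Don't forward from the outside to the inside. This must follow the
  # ESTABLISHED,RELATED rule above so that only unsolicited traffic is
  # rejected.
  iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -j REJECT

  # Enable routing last, once the filter rules are already in place.
  echo 1 > /proc/sys/net/ipv4/ip_forward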