# Router with one LAN interface and two uplinks: default routes, NAT and a
# transparent redirect of LAN HTTP traffic to a local proxy on port 2005.
#
# Interface state captured on the router (output of ifconfig):
#
# root@router:~# ifconfig
# eth0      Link encap:Ethernet  HWaddr 00:02:2a:db:8e:c7
#           inet addr:192.168.0.254  Bcast:192.168.0.255  Mask:255.255.255.0
#           inet6 addr: fe80::202:2aff:fedb:8ec7/64 Scope:Link
#           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
#           RX packets:56228 errors:0 dropped:0 overruns:0 frame:0
#           TX packets:93318 errors:0 dropped:0 overruns:0 carrier:0
#           collisions:0 txqueuelen:1000
#           RX bytes:8568915 (8.1 MiB)  TX bytes:89469982 (85.3 MiB)
#           Interrupt:17 Base address:0xd800
#
# eth1      Link encap:Ethernet  HWaddr 00:24:01:60:5f:00
#           inet addr:10.10.10.1  Bcast:10.10.10.255  Mask:255.255.255.0
#           inet6 addr: fe80::224:1ff:fe60:5f00/64 Scope:Link
#           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
#           RX packets:230 errors:0 dropped:0 overruns:0 frame:0
#           TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
#           collisions:0 txqueuelen:1000
#           RX bytes:30310 (29.5 KiB)  TX bytes:468 (468.0 B)
#           Interrupt:18 Base address:0xdc00
#
# eth2      Link encap:Ethernet  HWaddr 00:24:01:d1:54:71
#           inet addr:10.10.20.1  Bcast:10.10.20.255  Mask:255.255.255.0
#           inet6 addr: fe80::224:1ff:fed1:5471/64 Scope:Link
#           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
#           RX packets:57096 errors:0 dropped:0 overruns:0 frame:0
#           TX packets:54137 errors:0 dropped:0 overruns:0 carrier:0
#           collisions:0 txqueuelen:1000
#           RX bytes:47262963 (45.0 MiB)  TX bytes:8481108 (8.0 MiB)
#           Interrupt:19 Base address:0xe000
#
# lo        Link encap:Local Loopback
#           inet addr:127.0.0.1  Mask:255.0.0.0
#           inet6 addr: ::1/128 Scope:Host
#           UP LOOPBACK RUNNING  MTU:16436  Metric:1
#           RX packets:744 errors:0 dropped:0 overruns:0 frame:0
#           TX packets:744 errors:0 dropped:0 overruns:0 carrier:0
#           collisions:0 txqueuelen:0
#           RX bytes:130557 (127.4 KiB)  TX bytes:130557 (127.4 KiB)

# Tool paths and addresses used below (addresses taken from the capture above).
IPT=/usr/sbin/iptables
ROUTE=/sbin/route
LAN_NET=192.168.0.0/24        # subnet behind eth0
ROUTER_LAN_IP=192.168.0.254   # the router's own address on eth0
GW_ETH1=10.10.10.2            # next hop reached through eth1
GW_ETH2=10.10.20.2            # next hop reached through eth2
PROXY_PORT=2005               # local port that receives redirected HTTP

# Every rule below is appended with -A and nothing is flushed first, so running
# this twice duplicates the rules. No chain policy (-P) is set here; if the
# FORWARD and INPUT policies are ACCEPT (not visible in this listing), the
# ACCEPT rules change nothing and only the DROP/REJECT rules have an effect.

# --- Routing gateways -------------------------------------------------------
# Two default routes are installed, neither with a metric. The uplink a packet
# takes is decided by the kernel route lookup, not by the filter rules further
# down: FORWARD can only accept or drop a packet after it has been routed.
# NOTE(review): the counters above (eth1 TX packets:6, eth2 TX packets:54137)
# suggest nearly everything leaves through eth2. If the goal is to split
# traffic by port across the two uplinks, that needs policy routing -- confirm
# the intent.
"$ROUTE" add default gw "$GW_ETH1" netmask 0.0.0.0 dev eth1
"$ROUTE" add default gw "$GW_ETH2" netmask 0.0.0.0 dev eth2

# --- NAT --------------------------------------------------------------------
# Source-NAT everything that originates in the LAN subnet. There is no -o
# match, so the rule applies on whichever interface the packet leaves through.
"$IPT" -t nat -A POSTROUTING -s "$LAN_NET" -d 0/0 -j MASQUERADE

# --- Redirect to the proxy on port 2005 -------------------------------------
# Any TCP/80 packet from the LAN subnet is rewritten to local port 2005. With
# -d 0/0 and no -i match this includes HTTP addressed to the router itself.
# NOTE(review): the listener on 2005 should accept LAN clients only; no INPUT
# rule for that port appears in this listing -- verify.
"$IPT" -t nat -A PREROUTING -p tcp -s "$LAN_NET" -d 0/0 --dport 80 \
  -j REDIRECT --to-ports "$PROXY_PORT"

# --- FORWARD rules keyed on the router's own LAN address --------------------
# Appends one FORWARD rule for TCP with source 192.168.0.254.
#   $1 - destination port or port range
#   $2 - interface the packet arrived on (-i)
#   $3 - verdict (ACCEPT or DROP)
fwd_router_src() {
  "$IPT" -A FORWARD -p tcp --dport "$1" -i "$2" -s "$ROUTER_LAN_IP" -j "$3"
}

# NOTE(review): 192.168.0.254 is the router's eth0 address. Packets the router
# itself generates traverse OUTPUT, not FORWARD, and -i names the interface a
# packet arrived on, so these six rules can only match packets that arrive on
# an uplink already carrying the router's LAN address as their source. They
# likely never match the traffic they were written for -- confirm with
# `iptables -L FORWARD -v -n` packet counters.
#
# Rule order matters: 80:61000 overlaps port 80, but the two port-80 rules come
# first and decide that port. Ports 61001-65535 are covered by no rule here.
fwd_router_src 80       eth1 DROP
fwd_router_src 80       eth2 ACCEPT
fwd_router_src 0:79     eth2 DROP
fwd_router_src 0:79     eth1 ACCEPT
fwd_router_src 80:61000 eth2 DROP
fwd_router_src 80:61000 eth1 ACCEPT

# --- HTTP addressed to the two gateways -------------------------------------
# NOTE(review): each rule matches packets arriving on an uplink and addressed
# to that same uplink's gateway; such packets would not normally be handed to
# this router for forwarding -- confirm these rules are needed.
"$IPT" -A FORWARD -p tcp --dport 80 -i eth1 -d "$GW_ETH1" -j REJECT
"$IPT" -A FORWARD -p tcp --dport 80 -i eth2 -d "$GW_ETH2" -j ACCEPT

# --- INPUT ------------------------------------------------------------------
# NOTE(review): INPUT sees only packets delivered to the router itself, and
# neither 10.10.10.2 nor 10.10.20.2 is configured on any interface in the
# capture above, so these two rules are not expected to match -- verify.
"$IPT" -A INPUT -p tcp -s "$ROUTER_LAN_IP" -d "$GW_ETH1" --dport 80 -j DROP
"$IPT" -A INPUT -p tcp -s "$ROUTER_LAN_IP" -d "$GW_ETH2" --dport 80 -j ACCEPT