snat.txt
#!/bin/sh
INET_IF="ppp0"
LAN_IF="eth1"
LAN_IP_RANGE="192.168.0.0/24"
IPT="/sbin/iptables"
MODPROBE="/sbin/modprobe"
echo "1" > /proc/sys/net/ipv4/ip_forward
/sbin/depmod -a
$MODPROBE ip_tables
$MODPROBE ip_conntrack
$MODPROBE ip_conntrack_ftp
$MODPROBE iptable_nat
$MODPROBE ip_nat_ftp
$MODPROBE ipt_LOG
for TABLE in filter nat mangle ; do
$IPT -t $TABLE -F
$IPT -t $TABLE -X
done
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -A FORWARD -i $INET_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -i $LAN_IF -o $INET_IF -j ACCEPT
$IPT -t nat -A POSTROUTING -s $LAN_IP_RANGE -o $INET_IF -j MASQUERADE
