tenho esse script mas quero bloquear a rede interna pra ping, entra em emule e acessa msn, somente deixa a navegação em sites....
REDEMASQ=192.168.2.1/24
iptables -F
iptables -F -t nat
iptables -F -t mangle
iptables -P INPUT DROP
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s $REDEMASQ -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -A FORWARD -o eth1 -m state --state NEW,INVALID -j DROP
iptables -A FORWARD -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -s $REDEMASQ -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -A INPUT -j ACCEPT
o que falta???