INTERNET="ppp+"
IFACE_WEB="eth0"
IFACE_REDE="eth1"
REDE_INTERNA="10.1.1.0/24"
PORTAS_TCP="20,21,22,53,67,80,119,139,143,443,631,32400,6667,8001,34567"
PORTAS_UDP="53,67,119,123,34567,1024"
PORTAS_REDE_INTERNA="21,53,67,80,119,139,443,6667,8001,3389,32400,34567,10002"
PORTAS_TORRENT="6881:6999,34567"
PORTAS_SKYPE="1024:65535"
function start () {
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# HABILITA O ROTEAMENTO NO KERNEL #
echo 1 > /proc/sys/net/ipv4/ip_forward
# FAZ O NAT
#iptables -t nat -A POSTROUTING -s $REDE_INTERNA -o $IFACE_WEB -j MASQUERADE
iptables -t nat -A POSTROUTING -s $REDE_INTERNA -o $INTERNET -j MASQUERADE
# FAZ DHCP