#!/bin/bash
IPT=/usr/local/sbin/iptables
INT=eth0
EXT=eth1
# Limpando Regras antigas
$IPT -t nat -F
$IPT -t filter -F
$IPT -t mangle -F
$IPT -t nat -X
$IPT -t filter -X
$IPT -t mangle -X
# Definicao de regras padrão
#$IPT -P INPUT DROP
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -t nat -A PREROUTING -s 10.0.0.0/32 -i $INT -d 0/0 -p tcp --dport 80 -j REDIRECT --to-port 3128
$IPT -t nat -A POSTROUTING -o $EXT -j MASQUERADE
$IPT -t nat -A PREROUTING -s 10.0.0.0/24 -d 10.0.0.254/32 -p tcp --dport 222 -j DNAT --to 10.0.0.20:22
$IPT -t nat -A POSTROUTING -o eth0 -j MASQUERADE