dbr:~# cat /etc/ppp/ip-up.d/iptrule
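#!/bin/sh
#
# iptrules - IPv4 NAT and packet-filter rules for a PPP (DSL) gateway.
#
# Lives in /etc/ppp/ip-up.d, so it is expected to run each time a PPP link
# comes up. Until that first run none of these rules are loaded; if the host
# must be filtered before the link is up, a ruleset has to be applied at boot
# as well.
#
# Scope: IPv4 only (nothing here touches ip6tables), and the OUTPUT policy is
# left as it was.
#
LAN_NET="192.168.0.0/24"  # internal subnet allowed to reach local services
LAN_IF="eth0"             # LAN-facing interface
DSL_IF="ppp0"             # NOTE(review): fixed name; the rules will not match
                          # if the link comes up as another pppN - confirm
SSH_P="22"
WWW_P="80"
FTP_P="21"
APP_P="3000"              # LAN-only service; not identified in this file

# Default-deny first, then flush: the box fails closed while the rules are
# being rebuilt, and stays closed if a later iptables call fails.
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
iptables -t nat -F
iptables -t filter -F
iptables -t mangle -F

# Local processes talking to each other over loopback would otherwise hit
# the INPUT DROP policy.
iptables -t filter -A INPUT -i lo -j ACCEPT

# Source-NAT everything leaving through the DSL link.
iptables -t nat -A POSTROUTING -o "$DSL_IF" -j MASQUERADE

# Forwarding: replies from the Internet to LAN-initiated flows only; the LAN
# may open connections outwards.
# NOTE(review): the outbound rule matches on interface alone (no -s check),
# so any source address arriving on the LAN interface is forwarded.
iptables -t filter -A FORWARD -i "$DSL_IF" -o "$LAN_IF" -m state \
  --state RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -A FORWARD -i "$LAN_IF" -o "$DSL_IF" -j ACCEPT

# NOTE(review): SSH is accepted on every interface, including the DSL side.
# If remote administration is not intended, add -i "$LAN_IF" -s "$LAN_NET"
# like the rules below; if it is, pair it with key-only authentication and
# connection rate limiting.
iptables -t filter -A INPUT -p tcp --dport "$SSH_P" -j ACCEPT

# Services reachable from the LAN subnet only.
iptables -t filter -A INPUT -p tcp -i "$LAN_IF" -s "$LAN_NET" \
  --dport "$APP_P" -j ACCEPT
iptables -t filter -A INPUT -p tcp -i "$LAN_IF" -s "$LAN_NET" \
  --dport "$WWW_P" -j ACCEPT
# Only the FTP control port is opened. Data connections depend on the
# RELATED match below, which presumably needs the FTP connection-tracking
# helper to be loaded - confirm.
iptables -t filter -A INPUT -p tcp -i "$LAN_IF" -s "$LAN_NET" \
  --dport "$FTP_P" -j ACCEPT

# Return traffic for connections that are already tracked.
iptables -t filter -A INPUT -p tcp -i "$LAN_IF" -s "$LAN_NET" -m state \
  --state RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -A INPUT -i "$DSL_IF" -m state \
  --state RELATED,ESTABLISHED -j ACCEPT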