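#!/bin/sh -x
#
# IPv4 NAT gateway firewall. ppp0 is the Internet-facing interface.
#
# Builds a filter chain named "block" (inspect it with `iptables -L block`),
# attaches it to INPUT and FORWARD, masquerades traffic leaving via ppp0 and
# forwards a handful of ports to hosts on 192.168.0.0.
#
# NOTE(review): only IPv4 rules are loaded here; nothing in this script
# touches ip6tables, so any IPv6 exposure has to be handled separately.
#
# NOTE(review): the built-in chain policies are never set. Between the flush
# below and the two "-j block" jumps near the end, INPUT and FORWARD are
# empty, so whatever policy is in force decides (ACCEPT unless changed
# elsewhere). Loading the ruleset with iptables-restore would apply it in a
# single commit and close that window.

IPT=/sbin/iptables
WAN_IF=ppp0

echo "iptables: "

# Check for the same binary that is invoked below, and require it to be
# executable, instead of testing one path and running another from PATH.
if [ -x "$IPT" ]; then

  # --- clear previous rules -------------------------------------------------
  # -F with no chain flushes every chain of the table, so OUTPUT and
  # PREROUTING of the nat table are covered by the single nat flush.
  "$IPT" -F
  "$IPT" -t nat -F

  # Remove a "block" chain left by an earlier run. It is only ever created in
  # the filter table and does not exist on first run, so a failure here is
  # expected and deliberately silenced.
  "$IPT" -t nat -X block 2>/dev/null
  "$IPT" -X block 2>/dev/null

  # --- source NAT for everything leaving through the uplink ------------------
  "$IPT" -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE

  # --- the "block" chain -----------------------------------------------------
  "$IPT" -N block

  # Replies and related flows of connections that are already tracked.
  "$IPT" -A block -m state --state ESTABLISHED,RELATED -j ACCEPT

  # New connections are allowed from every interface except the uplink.
  # The "!" goes in front of the option: the older "-i ! ppp0" spelling is
  # deprecated by current iptables releases.
  "$IPT" -A block -m state --state NEW ! -i "$WAN_IF" -j ACCEPT

  # Ports reachable from the Internet.
  # NOTE(review): DNAT happens in nat/PREROUTING, before the filter table, so
  # forwarded connections arrive in FORWARD with the rewritten destination
  # port (80, 22, 6112). The 8080/8010/667/668 rules therefore never match
  # DNATed traffic; the forwards are admitted by the port 22 and 80 rules,
  # which also expose SSH and HTTP on the gateway itself and do not restrict
  # the forward destination. Consider separate INPUT and FORWARD rules that
  # name the internal destination (-d) for each forward.
  for port in 22 80 5222 21 8080 8010 667 668 6112; do
    "$IPT" -A block -i "$WAN_IF" -p tcp --dport "$port" -j ACCEPT
  done
  "$IPT" -A block -i "$WAN_IF" -p udp --dport 6112 -j ACCEPT

  # Everything else is dropped.
  "$IPT" -A block -j DROP

  # --- port forwards ---------------------------------------------------------
  # andrei's webserver
  "$IPT" -t nat -A PREROUTING -p tcp -i "$WAN_IF" --dport 8080 \
    -j DNAT --to 192.168.0.9:80

  # Philipp's webserver
  "$IPT" -t nat -A PREROUTING -p tcp -i "$WAN_IF" --dport 8010 \
    -j DNAT --to 192.168.0.25:80

  # ssh to andrei's machine
  "$IPT" -t nat -A PREROUTING -p tcp -i "$WAN_IF" --dport 667 \
    -j DNAT --to 192.168.0.9:22

  # ssh to Philipp's machine
  "$IPT" -t nat -A PREROUTING -p tcp -i "$WAN_IF" --dport 668 \
    -j DNAT --to 192.168.0.25:22

  ###### Warcraft 3 Bullshit #######
  "$IPT" -t nat -A PREROUTING -p tcp -i "$WAN_IF" --dport 6112 \
    -j DNAT --to 192.168.0.77:6112
  "$IPT" -t nat -A PREROUTING -p udp -i "$WAN_IF" --dport 6112 \
    -j DNAT --to 192.168.0.77:6112

  # NOTE(review): these two SNAT rules are appended after the catch-all
  # MASQUERADE rule on the same interface. MASQUERADE is a terminating target
  # and matches every packet leaving ppp0, so these rules are never reached.
  # They also pin a fixed public address on a PPP link. Order is kept as in
  # the original so that the effective NAT behaviour does not change.
  "$IPT" -t nat -A POSTROUTING -p tcp -s 192.168.0.77 -o "$WAN_IF" --dport 6112 \
    -j SNAT --to 212.54.26.192:6112
  "$IPT" -t nat -A POSTROUTING -p udp -s 192.168.0.77 -o "$WAN_IF" --dport 6112 \
    -j SNAT --to 212.54.26.192:6112
  ###########################

  # --- apply the "block" chain to input and forwarded packets ---------------
  "$IPT" -A INPUT -j block
  "$IPT" -A FORWARD -j block

  # Enable routing only after the filter rules are in place.
  echo "1" > /proc/sys/net/ipv4/ip_forward

  # printf instead of "echo -n": -n is not portable under /bin/sh.
  printf '%s' "[iptables]"
else
  # A firewall script that silently does nothing leaves the host unfiltered
  # without anyone noticing; say so on stderr.
  echo "iptables: $IPT not found or not executable, no rules loaded" >&2
fi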