# Generated by iptables-save v1.2.6a on Fri Dec 27 11:46:39 2002
*mangle
:PREROUTING ACCEPT [63677:32866790]
:INPUT ACCEPT [1209:422172]
:FORWARD ACCEPT [62468:32444618]
:OUTPUT ACCEPT [1240:407078]
:POSTROUTING ACCEPT [63708:32851696]
COMMIT
# Completed on Fri Dec 27 11:46:39 2002
# Generated by iptables-save v1.2.6a on Fri Dec 27 11:46:39 2002
*nat
:PREROUTING ACCEPT [18370:852976]
:POSTROUTING ACCEPT [1544:77543]
:OUTPUT ACCEPT [108:6499]

#------retour E-donkey-------
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 4662 -j DNAT --to 10.10.10.10-10.10.10.11 
-A PREROUTING -i ppp0 -p udp -m udp --dport 4672 -j DNAT --to 10.10.10.10-10.10.10.11 
-A PREROUTING -i ppp0 -p udp -m udp --dport 4665 -j DNAT --to 10.10.10.10-10.10.10.11 
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 4661 -j DNAT --to 10.10.10.10-10.10.10.11 
#------retour XP bureau distant 
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 10.10.10.10
#-------Transparent proxy------
-A PREROUTING -s 10.10.10.0/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.10.10.1:3128


#-------- web ********* ver windows
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.10.10.10:80


#---------- ftp sa marche pas bien..  --------*-*-*--
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.0.10:21
-A POSTROUTING -s 10.10.10.0/255.255.255.0 -j MASQUERADE 
-A POSTROUTING -o ppp0 -j MASQUERADE 
COMMIT
# Completed on Fri Dec 27 11:46:39 2002
# Generated by iptables-save v1.2.6a on Fri Dec 27 11:46:39 2002
*filter
:INPUT ACCEPT [1794:408229]
:FORWARD ACCEPT [452706:185878499]
:OUTPUT ACCEPT [4185:747381]
:INPUT - [0:0]
-A INPUT -p tcp -m tcp --dport 4661:4663 -j ACCEPT
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state ESTABLISHED -j ACCEPT
-A FORWARD -m state --state RELATED -j ACCEPT
-A INPUT -s 193.252.19.4 -p udp -m udp --sport 53 --dport 1025:65535 -j ACCEPT
-A INPUT -s 193.252.19.3 -p udp -m udp --sport 53 --dport 1025:65535 -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 80 --tcp-flags SYN,RST,ACK SYN -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 23 --tcp-flags SYN,RST,ACK SYN -j ACCEPT 
-A INPUT -i eth0 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT 
-A INPUT -i lo -j ACCEPT 
-A INPUT -i eth0 -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 0:1023 --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable 
-A INPUT -p tcp -m tcp --dport 2049 --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable 
-A INPUT -p udp -m udp --dport 0:1023 -j REJECT --reject-with icmp-port-unreachable 
-A INPUT -p udp -m udp --dport 2049 -j REJECT --reject-with icmp-port-unreachable 
-A INPUT -p tcp -m tcp --dport 6000:6009 --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable 
-A INPUT -p tcp -m tcp --dport 7100 --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable 
COMMIT
# Completed on Fri Dec 27 11:46:39 2002