ROUTER: ifconfig eth1 192.168.0.1/24 up dhclient eth0 echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -j SNAT -o eth0 --to 10.18.3.55 iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP iptables -A INPUT -j ACCEPT -i eth1 -s 192.168.0.0/24 -d 192.168.0.1 iptables -A OUTPUT -j ACCEPT -o eth1 -s 192.168.0.1 -d 192.168.0.0/24 iptables -A INPUT -j ACCEPT -i eth0 -d 10.18.3.55 -m state --state ESTABLISHED,RELATED iptables -A OUTPUT -j ACCEPT -o eth0 -s 10.18.3.55 iptables -A FORWARD -j DROP -i eth1 -o eth0 -s 192.168.0.0/24 -d 212.77.98.9 -p tcp --dport 80 iptables -A FORWARD -j DROP -i eth1 -o eth0 -s 192.168.0.0/24 -d 212.77.98.9 -p tcp --dport 443 iptables -A FORWARD -j DROP -i eth1 -o eth0 -s 192.168.0.0/24 -d 8.8.8.8 -p udp --dport 53 iptables -A FORWARD -j DROP -i eth1 -o eth0 -s 192.168.0.0/24 -d 8.8.8.8 -p tcp --dport 53 iptables -A FORWARD -j ACCEPT -i eth1 -o eth0 -s 192.168.0.0/24 iptables -A FORWARD -j ACCEPT -i eth0 -o eth1 -d 192.168.0.0/24 -m state --state ESTABLISHED,RELATED iptables -A INPUT -j ACCEPT -i eth0 -d 10.18.3.55 -p icmp --icmp-type 8 -s 10.0.0.0/8 iptables -A INPUT -j ACCEPT -i eth0 -d 10.18.3.55 -p tcp --dport 22 -s 10.18.3.111 iptables -t nat -A PREROUTING -j DNAT -p tcp --to 192.168.0.5:22 -i eth0 -s 10.18.3.111 -d 10.18.3.55 --dport 9022 iptables -A FORWARD -j ACCEPT -i eth0 -o eth1 -d 192.168.0.5 -m state --state NEW -p tcp --dport 22 iptables -t nat -A PREROUTING -j DNAT -p tcp --to 192.168.0.5:80 -i eth0 -d 10.18.3.55 --dport 8080 iptables -A FORWARD -j ACCEPT -i eth0 -o eth1 -d 192.168.0.5 -m state --state NEW -p tcp --dport 80 LAN: ifconfig eth1 192.168.0.5/24 up route add default gw 192.168.0.1 echo nameserver 8.8.8.8 > /etc/resolv.conf