#! /bin/bash#in eth1 out eth0/etc/init.d/iptables stopiptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -F
iptables -A INPUT -i eth0 -p tcp --dport 0:1023 -j DROP
iptables -A INPUT -i eth0 -p udp --dport 0:1023 -j DROP
iptables -A FORWARD -i eth1 -j ACCEPT
iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
然后修改route
route add default gw 192.168.10.30 eth0
