#!/bin/bash
# edit to your needs

IPTABLES="/sbin/iptables"

# enable ip forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward

# flush existing tables
$IPTABLES -F
$IPTABLES -t nat -F

# our forwarding policy is to deny
#$IPTABLES -P FORWARD DROP

# enable masquerading on the eth0 (private) network
$IPTABLES -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# forward some ports
$IPTABLES -t nat -A PREROUTING -i eth0 -p tcp –dport 8000 -j DNAT –to 192.168.0.1:8000
$IPTABLES -t nat -A PREROUTING -i eth0 -p tcp –dport 8001 -j DNAT –to 192.168.0.1:8001