post-firewall
#!/bin/sh
# LAN2=WAN2@E66 (VLAN2)
iptables -t nat -A POSTROUTING -j SNAT -o vlan2 -s 192.168.1.0/24 --to-source 10.1.45.18
iptables -t filter -A FORWARD -i ! br0 -o vlan2 -j DROP
# port-forwarding for dc++ [10001 port on note]
iptables -t nat -A PREROUTING -p tcp dport 10001 -j DNAT --to 192.168.1.4
iptables -t nat -A PREROUTING -p udp dport 10001 -j DNAT --to 192.168.1.4
# open port for rtorrent [51777 on 500gp]
iptables -I INPUT -p tcp --dport 51777 -j ACCEPT
# disable DDos-protection for 10001 & 51777 ports
iptables -I SECURITY -p tcp --dport 51777 -j RETURN
iptables -I SECURITY -p tcp --dport 10001 -j RETURN
iptables -I SECURITY -p udp --dport 10001 -j RETURN
### routing for Olympus
#iptables -t nat -A POSTROUTING -j SNAT -o vlan1 -s 192.168.1.0/24 --to-source 10.2.26.6
route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.2.26.3