# cat myiptaballow.sh
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/ip_dynaddr
iptables -t nat -F
iptables -t nat -P PREROUTING DROP
iptables -A PREROUTING -t nat -m state --state NEW -m tcp -p tcp --dport 6881 -j ACCEPT
iptables -A PREROUTING -t nat -s 172.16.255.0/24 -j ACCEPT
iptables -A PREROUTING -t nat -s 172.16.0.0/24 -j ACCEPT
iptables -A PREROUTING -t nat -i eth0 -p tcp -m tcp -d ! 172.16.0.1 --dport 80 -j REDIRECT --to-port 3128
iptables -A POSTROUTING -t nat -s 172.16.0.0/16 -o ppp0 -j MASQUERADE
#开6881是为了 BT