*filter
-A INPUT -j tcprules
-A FORWARD -j tcprules
-A tcprules -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A tcprules -i ! eth1 -m state --state NEW -j ACCEPT
-A tcprules -i eth1 -m state --state INVALID,NEW -j DROP
-A tcprules -i eth1 -j REJECT --reject-with icmp-host-unreachable
COMMIT
*nat
-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
COMMIT