Iptables help

[bilboSNB]

Does anyone know how to adjust these rules so that they also apply to vpn clients?

iptables -t nat -A PREROUTING -i br0 -s `nvram get lan_ipaddr`/`nvram get lan_netmask` -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! 192.168.0.1 -p tcp -d 216.239.32.20 --dport 80 -j DNAT --to 192.168.0.1:8118
iptables -t nat -I POSTROUTING -o br0 -s `nvram get lan_ipaddr`/`nvram get lan_netmask` -d 192.168.0.1 -p tcp -j SNAT --to `nvram get lan_ipaddr`
iptables -I FORWARD -i br0 -o br0 -s `nvram get lan_ipaddr`/`nvram get lan_netmask` -d 192.168.0.1 -p tcp --dport 8118 -j ACCEPT

thanks.

 

[bilboSNB]

Is this way off?

iptables -t nat -A PREROUTING -i tun21 -s ! 192.168.0.1 -p tcp -d 216.239.32.20 --dport 80 -j DNAT --to 192.168.0.1:8118
iptables -t nat -A POSTROUTING -o tun21 -s 10.8.0.1/24 -d 192.168.0.1 -j SNAT --to 192.168.0.1
iptables -A FORWARD -s 10.8.0.1/24 -d 192.168.0.1 -i tun21 -o tun21 -p tcp --dport 8118 -j ACCEPT