ares rc.firewall.local

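#!/bin/sh
# Used for private firewall rules.
#
# Usage: rc.firewall.local {start|stop|reload}
#   start   run the Copfilter hook, then install the local NAT rules below
#   stop    flush nat/CUSTOMPREROUTING (the SNAT rules are left in place)
#   reload  stop followed by start
#
# All quotes and option dashes are plain ASCII. The typographic quotes and
# en dashes in the published listing make `case` match nothing and make
# iptables reject --dport / --to-source.

IPTABLES=/sbin/iptables
WAN_IF=eth1
status=0

# nat_append CHAIN RULE-SPEC...
# Append a rule to CHAIN in the nat table exactly once. Any identical rules
# are deleted first, so repeated start/reload runs do not stack duplicates.
nat_append() {
    chain=$1
    shift
    # -D fails once no matching rule is left, which ends the loop.
    while "$IPTABLES" -t nat -D "$chain" "$@" 2>/dev/null; do
        :
    done
    if ! "$IPTABLES" -t nat -A "$chain" "$@"; then
        echo "rc.firewall.local: could not add nat/$chain rule: $*" >&2
        status=1
    fi
}

# See how we were called.
case "$1" in
start)
## add your 'start' rules here
# COPFILTER START - do not modify
/etc/rc.d/init.d/copfilter_proxsmtpd config_fwrules
# COPFILTER END - do not modify

    ### planetary / mage
    # Give each of these internal hosts its own fixed public source address.
    nat_append CUSTOMPOSTROUTING -s 192.168.1.3 -o "$WAN_IF" -j SNAT --to-source 72.68.153.10
    nat_append CUSTOMPOSTROUTING -s 192.168.1.4 -o "$WAN_IF" -j SNAT --to-source 72.68.153.12

    # The ACCEPT rules below end nat PREROUTING processing for the matched
    # packets, so any later redirect (presumably the transparent web
    # proxy / content filter -- confirm for this box) never sees them.
    # Every entry is a filtering and logging exemption: keep the list short
    # and review it periodically.
    #
    # iptables resolves a host name once, when the rule is inserted, and
    # stores the addresses. If DNS is unavailable at boot the rule is not
    # installed, and if the service later moves to other addresses the
    # exemption silently stops matching.

    ### apple youtube fix
    nat_append CUSTOMPREROUTING -p tcp --dport 80 -d iphone-wu.apple.com -j ACCEPT
    nat_append CUSTOMPREROUTING -p tcp --dport 80 -d gdata.youtube.com -j ACCEPT
    nat_append CUSTOMPREROUTING -p tcp --dport 80 -d fgpq.vp.video.l.google.com -j ACCEPT
    nat_append CUSTOMPREROUTING -p tcp --dport 80 -d vp.video.google.com -j ACCEPT

    ### citibank
    # NOTE(review): -d takes a host name or address, not a domain suffix.
    # ".citibank.com" is unlikely to resolve, so this rule is probably never
    # installed. Replace it with the explicit host names or address ranges
    # that are actually needed.
    nat_append CUSTOMPREROUTING -p tcp --dport 80 -d .citibank.com -j ACCEPT
    ;;
stop)
    ## add your 'stop' rules here
    # Flushes the whole chain, not only the rules added above; anything
    # another tool placed in CUSTOMPREROUTING is removed as well.
    "$IPTABLES" -t nat -F CUSTOMPREROUTING || status=1
    ;;
reload)
    # stop + start is sufficient: start installs every local rule. Adding
    # them again here would append a second copy of each SNAT rule on every
    # reload.
    "$0" stop || status=1
    "$0" start || status=1
    ## add your 'reload' rules here
    ;;
*)
    echo "Usage: $0 {start|stop|reload}" >&2
    status=1
    ;;
esac

exit "$status"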