--- kamikaze_7.09.orig/package/iptables/files/firewall.user 2008-08-06 16:13:31.000000000 +0200
+++ kamikaze_7.09/package/iptables/files/firewall.user 2008-08-06 16:13:46.000000000 +0200
@@ -1,30 +1,43 @@ -#!/bin/sh +#!/bin/sh # Copyright (C) 2006 OpenWrt.org + +iptables -F +iptables -P INPUT ACCEPT +iptables -F INPUT +iptables -P OUTPUT ACCEPT +iptables -F OUTPUT +iptables -P FORWARD ACCEPT +iptables -F FORWARD + +iptables -t nat -A POSTROUTING -s 192.168.6.0/24 -d 192.168.6.0/24 -j ACCEPT +iptables -t nat -A POSTROUTING -s 192.168.6.0/24 -j MASQUERADE + + + +#iptables -F input_rule +#iptables -F output_rule +#iptables -F forwarding_rule +#iptables -t nat -F prerouting_rule +#iptables -t nat -F postrouting_rule + +# The following chains are for traffic directed at the IP of the +# WAN interface + +#iptables -F input_wan +#iptables -F forwarding_wan +#iptables -t nat -F prerouting_wan -iptables -F input_rule -iptables -F output_rule -iptables -F forwarding_rule -iptables -t nat -F prerouting_rule -iptables -t nat -F postrouting_rule - -# The following chains are for traffic directed at the IP of the -# WAN interface - -iptables -F input_wan -iptables -F forwarding_wan -iptables -t nat -F prerouting_wan - -### Open port to WAN +### Open port to WAN ## -- This allows port 22 to be answered by (dropbear on) the router -# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT -iptables -A input_wan -p tcp --dport 22 -j ACCEPT - -### Port forwarding -## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2 +# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT +#iptables -A input_wan -p tcp --dport 22 -j ACCEPT + +### Port forwarding +## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2 # iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80 -# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT - -### DMZ -## -- Connections to ports not handled above will be forwarded to 192.168.1.2 -# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2 +# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT + +### DMZ +## -- Connections to ports not handled 
above will be forwarded to 192.168.1.2 +# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2 # iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT
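Review bot: The added block at the top (`iptables -F`, then `iptables -P INPUT ACCEPT`, `-P OUTPUT ACCEPT`, `-P FORWARD ACCEPT`) empties the filter table and leaves every built-in chain default-accept. Unless the script that sources this file re-applies its own policies and rules afterwards, the router stops filtering WAN-side traffic altogether, and commenting out the `input_wan` port 22 rule changes nothing. If the goal is only to NAT 192.168.6.0/24, I would drop that block, keep the original per-chain flushes, and put the two rules in the user chain: `iptables -t nat -A postrouting_rule -s 192.168.6.0/24 -d 192.168.6.0/24 -j ACCEPT` and `iptables -t nat -A postrouting_rule -s 192.168.6.0/24 -o <wan-ifname> -j MASQUERADE` (placeholder for the WAN interface name). As written, the MASQUERADE rule has no `-o` match, so it rewrites the source address on every egress interface. It is also appended to `POSTROUTING` with no matching flush in this file, so it is presumably duplicated each time the script is re-run.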