Ubuntu Internet sharing

#!/bin/sh

# ------------------------------------------------------------------------------------
# See URL: http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html
# (c) 2006, nixCraft under GNU/GPL v2.0+
# http://adeelkml.com
# -------------------------------------------------------------------------------------
## Squid Server LAN IP Address
SQUID_SERVER="192.168.2.1"
## Interface connected to Internet
INTERNET="eth1"
## Interface connected to LAN
LAN_IN="eth0"
## Squid port
SQUID_PORT="8080"

# Clear old firewall
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X

## Load IPTABLES modules for NAT and IP conntrack support
modprobe ip_conntrack
modprobe ip_conntrack_ftp

## For win xp ftp client
## modprobe ip_nat_ftp
echo 1 > /proc/sys/net/ipv4/ip_forward

## Setting default filter policy
## iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT

## Unlimited access to loop back
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

## Allow UDP, DNS and Passive FTP
iptables -A INPUT -i $INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT

## set this system as a router for Rest of LAN
iptables --table nat --append POSTROUTING --out-interface $INTERNET -j MASQUERADE
iptables --append FORWARD --in-interface $LAN_IN -j ACCEPT

## unlimited access to LAN
iptables -A INPUT -i $LAN_IN -j ACCEPT
iptables -A OUTPUT -o $LAN_IN -j ACCEPT

## DNAT port 80 request comming from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy
iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT

## if it is same system
iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT

## LOG everything
iptables -A INPUT -j LOG

## Drop Everything else. I m not enabling it, use it at your own.
##iptables -A INPUT -j DROP