#!/bin/sh
# Load the NAT module (this pulls in all the others).
modprobe iptable_nat

# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

# In the NAT table (-t nat), Append a rule (-A) after routing (POSTROUTING)
# which says to MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -j MASQUERADE

# Allows forwarding specifically to our LAN
iptables -A FORWARD -s 192.168.50.0/24 -j ACCEPT

# Allow dhcp requests
iptables -A INPUT -i eth1 -p udp --sport bootpc --dport bootps -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --sport bootpc --dport bootps -j ACCEPT
iptables -A INPUT -i eth1 -p udp --sport bootps --dport bootpc -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --sport bootps --dport bootpc -j ACCEPT

# Allow dns requests
iptables -A INPUT -i eth1 -p udp --dport domain -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport domain -j ACCEPT
# Trans parent proxy
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128

    Source: geocities.com/sunil_tt