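# VPN "kill switch" rules for IPv4: allow loopback, the local /24 and the VPN
# server, forward/NAT between eth* and tun*, and drop everything else that
# tries to leave through an eth* interface.
#
# Review notes:
#  - IPv4 only. iptables does not filter IPv6; add equivalent ip6tables rules
#    or disable IPv6, otherwise IPv6 traffic is not covered by the final DROP.
#  - "eth+" and "tun+" are name-prefix wildcards. Interfaces with other names
#    (e.g. enp3s0, wlan0, wg0) are not matched; check `ip link` and adjust.
#  - -A appends. Rules already present in a chain are evaluated first and the
#    chain policies are not changed here; review `iptables -S` afterwards.
#  - Must run as root. Confirm every command succeeded: if the last rule is
#    rejected, the ACCEPT rules above it are installed without the DROP.
#  - Rules added this way are lost on reboot unless saved and restored by the
#    distribution's persistence mechanism.

# Address of the VPN server. "a.b.c.d" is the placeholder from the original
# snippet and must be replaced; iptables is expected to reject it as-is.
VPN_SERVER_IP="a.b.c.d"

# Accept all loopback traffic (localhost / 127.0.0.1).
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Accept all traffic within the local network 192.168.1.0/24.
# NOTE(review): this also permits DNS to a resolver on the LAN (e.g. the
# router); if the system resolver is a LAN address, lookups bypass the tunnel.
iptables -A INPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
iptables -A OUTPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT

# Forward between eth* and tun* interfaces in both directions.
iptables -A FORWARD -i eth+ -o tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -o eth+ -j ACCEPT

# Masquerade (source-NAT) everything leaving through a tun* interface.
iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE

# Drop any other traffic leaving through eth* unless it is addressed to the
# VPN server. Every protocol and port to that address is allowed; narrow the
# exception to the VPN's own protocol and port if they are known.
iptables -A OUTPUT -o eth+ ! -d "$VPN_SERVER_IP" -j DROP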