Just having a quick look, but I **think** you are too strict about the
rules.

If 10.10.0.180 is able to contact someone out there, the response would be
immediately dropped by the INPUT rule's default policy. Try adding this

    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

somewhere.

Also, if you only want some trusted IPs to surf the net, you would do
something like

    iptables -t nat -A POSTROUTING -s 10.10.0.180/32 -o ppp0 -j MASQUERADE

----- Original Message -----
From: "Mario Ohnewald"
Hello! I have a little network, one firewall/router. I want to allow some IPs to surf the net, and some are not allowed to leave the trusted net. I messed around a lot, and that's what I have so far (but it doesn't work at all!)
...
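
Added example, not part of either message above: a dry-run generator that prints the rules the reply suggests for a list of trusted hosts, so they can be reviewed before being applied. The function names, the input validation and the FORWARD rules are assumptions (routed traffic traverses FORWARD, which is assumed here to default to DROP as well); `ppp0` and `10.10.0.180` come from the thread.

```shell
#!/bin/sh
# Prints iptables commands; it never applies them.

# Return 0 only if $1 is a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# emit_rules WAN_IF IP...  prints the rule set, or fails on bad input.
emit_rules() {
    wan=$1; shift
    # Reject anything that is not a plain interface name, since the
    # output is meant to be reviewed and then fed to a shell.
    case "$wan" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $wan" >&2; return 1 ;;
    esac
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    # Let replies to already-permitted connections back in. The reply in
    # the thread adds this to INPUT; FORWARD is the added assumption.
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for ip in "$@"; do
        # New outbound connections and source NAT for trusted hosts only.
        echo "iptables -A FORWARD -s $ip/32 -o $wan -j ACCEPT"
        echo "iptables -t nat -A POSTROUTING -s $ip/32 -o $wan -j MASQUERADE"
    done
}

# Values taken from the thread.
emit_rules ppp0 10.10.0.180
```

Hosts that are not listed get no FORWARD or MASQUERADE rule, so with DROP defaults they stay inside the trusted net.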