Yup, it works..

In brief:

I dhcp off the wireless network.
I have installed a dhcp server and iptables on my machine..

I brought up eth0 on a different subnet, and run the script posted below, after changing my dhcpd.conf file to reflect my local subnet.. Hope this helps..

#!/bin/sh
echo -e ”
Loading simple rc.firewall version $FWVER..

IPTABLES=/sbin/iptables
DEPMOD=/sbin/depmod
INSMOD=/sbin/modprobe
#Setting the EXTERNAL and INTERNAL interfaces for the network
#
EXTIF=”ath0″
INTIF=”eth0″
#INTIF2=”ppp0″

echo ” External Interface: $EXTIF”
echo ” Internal Interface: $INTIF”
echo ” Second Internal Int: $INTIF2″

#======================================================================
#== No editing beyond this line is required for initial MASQ testing ==
echo -en ” loading modules: “

# Need to verify that all modules have all required dependencies
#
echo ” – Verifying that all kernel modules are ok”
$DEPMOD -a

echo “———————————————————————-“

echo -en “ip_tables, “
$INSMOD ip_tables

echo -en “ip_conntrack, “
$INSMOD ip_conntrack
#Load the FTP tracking mechanism for full FTP tracking
#
# Enabled by default — insert a “#” on the next line to deactivate
#
echo -en “ip_conntrack_ftp, “
$INSMOD ip_conntrack_ftp
#Load the IRC tracking mechanism for full IRC tracking
#
# Enabled by default — insert a “#” on the next line to deactivate
#
echo -en “ip_conntrack_irc, “
$INSMOD ip_conntrack_irc
echo -en “iptable_nat, “
$INSMOD iptable_nat
echo -en “ip_nat_ftp, “
$INSMOD ip_nat_ftp

#echo -e “ip_nat_irc”
#$INSMOD ip_nat_irc

echo “———————————————————————-“

echo -e ” Done loading modules.

echo ” Enabling forwarding..”
echo “1” > /proc/sys/net/ipv4/ip_forward

echo ” Enabling DynamicAddr..”
echo “1” > /proc/sys/net/ipv4/ip_dynaddr
echo ” Clearing any existing rules and setting default policy..”
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F

echo ” FWD: Allow all connections OUT and only existing and related ones IN”
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state –state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
echo ” FWD: Allow all connections OUT and only existing and related ones IN”
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF2 -m state –state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG

echo ” Enabling SNAT (MASQUERADE) functionality on $EXTIF”
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

echo -e ”
rc.firewall-2.4 v$FWVER done.