$q->default_dtd('-//W3C//DTD HTML 4.01 Transitional//EN');
print $q->header(),
$q->start_html("DNAT"),
$q->br(), $q->br(),
$q->start_form(),
 $q->start_table({ -boarder => '0' }),
 $q->Tr($q->td($q->radio_group(-name => 'proto',
                               -values => ['tcp','udp'],
                               -rows => 2, -columns => 1)),
 $q->td('Port: ', $q->textfield(-name => 'port')),
 $q->td('IP-Adresse: ', $q->textfield(-name => 'ip')),
 $q->td($q->submit(-name => 'add', -value => 'apply'))),
 $q->end_table(),
 $q->end_form();
 $q->br(), $q->br();

##</code><code>##

if ($q->param('add')) {
 # seems that user has requested a new rule
 my $proto = $q->param('proto');
 my $port = $q->param('port');
 my $ip = $q->param('ip');
 # set up rule hash's for NAT and FILTER Tables
 my %addrule_nat = (
    protocol           => "$proto",
    "destination-port" => "$port",
    jump               => "DNAT",
    "to-destination"   => "$ip",
 );
 my %addrule_for = (
    protocol                    => $proto,
    "in-interface"             => 'eth0',
    "out-interface"           => 'eth1',
    "destination-port"      => $port,
    jump                          => "ACCEPT",
 );
 my %addrule_inp = (
    protocol                    => $proto,
    "destination-port"      => $port,
    jump                          => "ACCEPT",
 );

 my $erfolg_nat = $nat->append_entry('PREROUTING', \%addrule_nat) || die "NAT: $!";
 my $erfolg_for = $filter->insert_entry('FORWARD', \%addrule_for, 0) || die "FORWARD: $!";
 my $erfolg_inp = $filter->insert_entry('INPUT', \%addrule_inp, 0) || die "INPUT: $!";
 # now commit our work
 my $commit_nat = $nat->commit();
 my $commit_filter = $filter->commit();
 # tell the user it is done an refresh in 5sec
 _cut_
}

##</code><code>##

 my $proto = $q->param('proto');
 my $port = $q->param('port');
 my $ip = $q->param('ip');