z-user,
в камере выставил HTTP порт 240
набрал это
sudo iptables -A INPUT -i eth1 -p udp --dport 240 -j ACCEPT
потом сохранил
sudo iptables-save
ребутнул
в итоге 240 закрыт, всё остальное работает
вот iptables-save
root@LinuxServer:~# sudo iptables-save
# Generated by iptables-save v1.4.10 on Tue Sep 6 13:28:48 2016
*mangle
:PREROUTING ACCEPT [1608174:1095242293]
:INPUT ACCEPT [297392:201946613]
:FORWARD ACCEPT [1308616:893182664]
:OUTPUT ACCEPT [350704:194228857]
:POSTROUTING ACCEPT [1659371:1087416369]
-A FORWARD -o ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1400:65495 -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Tue Sep 6 13:28:48 2016
# Generated by iptables-save v1.4.10 on Tue Sep 6 13:28:48 2016
*nat
:PREROUTING ACCEPT [25576:1806623]
:INPUT ACCEPT [17216:1070480]
:OUTPUT ACCEPT [51100:3127972]
:POSTROUTING ACCEPT [122:16355]
-A PREROUTING ! -d 192.168.0.0/24 -i eth1 -p tcp -m multiport --dports 80,8080 -j DNAT --to-destination 192.168.0.1:3128
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Tue Sep 6 13:28:48 2016
# Generated by iptables-save v1.4.10 on Tue Sep 6 13:28:48 2016
*filter
:INPUT ACCEPT [297393:201947961]
:FORWARD ACCEPT [1308618:893184160]
:OUTPUT ACCEPT [350705:194230205]
COMMIT
# Completed on Tue Sep 6 13:28:48 2016
root@LinuxServer:~#