Good Morning!
Currently I have a firewall which serves only a DMZ. Eth0 is connected to the internet and eth1 to the DMZ (10.0.0.0/24). My first question: is this script correct? My second question: I want to add a second network card (eth2) which will serve masq'd clients on the 10.0.1.0/24 network. Can someone show me the way? Thanks!!
*********************************************
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# Masquerade everything that leaves towards the internet
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# From the internet, forward only replies to connections opened from inside.
# (The original rule also matched NEW, which forwarded every inbound connection
# and made the per-service rules below meaningless.)
iptables -A FORWARD -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# DMZ hosts may open connections outwards
iptables -A FORWARD -i eth1 -j ACCEPT
# Published DMZ services. DNAT happens in PREROUTING, so by the time FORWARD
# sees the packet its destination is already the 10.0.0.x host; the ACCEPT
# rules must match that address, not the public one.
iptables -t nat -A PREROUTING -p tcp -d 204.91.104.94 --dport 25 -j DNAT --to-destination 10.0.0.94:25
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 10.0.0.94 --dport 25 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -d 204.91.104.94 --dport 110 -j DNAT --to-destination 10.0.0.94:110
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 10.0.0.94 --dport 110 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -d 204.91.104.5 --dport 80 -j DNAT --to-destination 10.0.0.5:80
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 10.0.0.5 --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -d 204.91.104.137 --dport 80 -j DNAT --to-destination 10.0.0.137:80
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 10.0.0.137 --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -d 204.91.104.141 --dport 80 -j DNAT --to-destination 10.0.0.141:80
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 10.0.0.141 --dport 80 -j ACCEPT
*********************************************
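One way to lay out the three-interface setup the post asks about (internet on eth0, DMZ on eth1, a masqueraded client LAN on the new eth2), as an added example that is not the poster's script. Interface names, the 10.0.1.0/24 LAN range and the published hosts are taken from the post; the helper names (gen_rules, publish_dmz, count_rules, has_rule) and the rate-limited LOG rule are this example's own choices.

```shell
#!/bin/sh
# Added example, not the poster's script: a three-interface firewall with
# eth0 = internet, eth1 = DMZ 10.0.0.0/24 and the new eth2 = masqueraded
# LAN 10.0.1.0/24. gen_rules prints the iptables commands so the rule set
# can be reviewed (or tested) before it is applied with:  gen_rules | sh
WAN=eth0; DMZ=eth1; LAN=eth2
DMZ_NET=10.0.0.0/24; LAN_NET=10.0.1.0/24

# publish_dmz PUBLIC_IP TCP_PORT DMZ_IP: DNAT plus the matching FORWARD
# rule. FORWARD runs after DNAT, so it must match the DMZ address.
publish_dmz() {
    echo "iptables -t nat -A PREROUTING -i $WAN -p tcp -d $1 --dport $2 -j DNAT --to-destination $3:$2"
    echo "iptables -A FORWARD -i $WAN -o $DMZ -p tcp -d $3 --dport $2 -m state --state NEW -j ACCEPT"
}

gen_rules() {
    echo "iptables -F; iptables -t nat -F"
    echo "iptables -P INPUT DROP; iptables -P OUTPUT DROP; iptables -P FORWARD DROP"
    # Replies to anything that was allowed, in every direction.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Everything leaving towards the internet is masqueraded (as in the original).
    echo "iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE"
    # DMZ and LAN may open connections to the internet, only with their own source range.
    echo "iptables -A FORWARD -i $DMZ -o $WAN -s $DMZ_NET -m state --state NEW -j ACCEPT"
    echo "iptables -A FORWARD -i $LAN -o $WAN -s $LAN_NET -m state --state NEW -j ACCEPT"
    # LAN clients may reach the DMZ servers; the DMZ never initiates into the LAN.
    echo "iptables -A FORWARD -i $LAN -o $DMZ -s $LAN_NET -d $DMZ_NET -m state --state NEW -j ACCEPT"
    # Published services: public addresses and DMZ hosts from the original post.
    publish_dmz 204.91.104.94 25 10.0.0.94
    publish_dmz 204.91.104.94 110 10.0.0.94
    publish_dmz 204.91.104.5 80 10.0.0.5
    publish_dmz 204.91.104.137 80 10.0.0.137
    publish_dmz 204.91.104.141 80 10.0.0.141
    # Whatever is left falls through to the DROP policy; log it (rate-limited) first.
    echo "iptables -A FORWARD -m limit --limit 5/minute -j LOG --log-prefix 'FWD-DROP: '"
}

# Review helpers: count generated rules matching a pattern, or check that one exists.
count_rules() { gen_rules | grep -c -- "$1"; }
has_rule() { gen_rules | grep -q -- "$1"; }
```

LAN clients that connect to the DMZ servers by their public 204.91.104.x addresses are not handled here (the DNAT only applies to packets arriving on eth0); they should use the 10.0.0.x addresses directly or through split DNS.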