Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   NAT via /etc/sysconfig/iptables (http://www.linux-archive.org/centos/407518-nat-via-etc-sysconfig-iptables.html)

Boris Epstein 08-02-2010 04:45 PM
NAT via /etc/sysconfig/iptables
 
Hello listmates,

It's been a few years since I've set up a router... and for some
reason I seem to be getting hung up on this one.

Does anybody have a sample iptables config file that would incorporate
NAT and forwarding for a simple router?

Thanks.

Boris.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

"Joseph L. Casale" 08-02-2010 05:04 PM
NAT via /etc/sysconfig/iptables
 
>Does anybody have a sample iptables config file that would incorporate
>NAT and forwarding for a simple router?

Turn on ip frwding in sysctl.conf:
net.ipv4.ip_forward = 1

Then rules something like this (Tune for your needs):
# Accept packets belonging to established and related connections
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Setup masquerading on WAN interface & forward specified requests
/sbin/iptables -A POSTROUTING -t nat -o $WAN -j MASQUERADE
/sbin/iptables -A FORWARD -i $LAN -o $WAN -m state --state NEW,ESTABLISHED,RELATED -p tcp -m multiport --dports 80,443 -j ACCEPT
/sbin/iptables -A FORWARD -i $WAN -o $LAN -m state --state RELATED,ESTABLISHED -j ACCEPT


Have a quick read on:
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptable s

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Eduardo Grosclaude 08-02-2010 05:14 PM
NAT via /etc/sysconfig/iptables
 
On Mon, Aug 2, 2010 at 1:45 PM, Boris Epstein <borepstein@gmail.com> wrote:
> Hello listmates,
>
> It's been a few years since I've set up a router... and for some
> reason I seem to be getting hung up on this one.
>
> Does anybody have a sample iptables config file that would incorporate
> NAT and forwarding for a simple router?

I found project quicktables very helpful
(http://freshmeat.net/projects/quicktables).

--
Eduardo Grosclaude
Universidad Nacional del Comahue
Neuquen, Argentina
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 01:39 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.