Re: iptables

To: debian-firewall@lists.debian.org
Subject: Re: iptables
From: Gerdriaan Mulder <naairdreg@gmail.com>
Date: Wed, 22 Jun 2011 22:47:13 +0200
Message-id: <[🔎] BANLkTi=t27JZOTndtmnz5CKEztqwUnpwyQ@mail.gmail.com>
In-reply-to: <[🔎] 20110622203308.GA22985@mail.planetcobalt.net>
References: <[🔎] 6621A287F75A40CA9A220DCC823053C7@AsusEEPC1011Manu> <[🔎] 20110622203308.GA22985@mail.planetcobalt.net>

>> cat /proc/sys/net/ipv4/ip_forward is 1
>>
>> What are routes I have to create with route command ?
>
> Normally you shouldn't have to create any for that kind of setup.
4-step NAT, first step is to enable forwarding on the specific
interfaces, or ip_forward globally.
next three steps are iptables rules:
iptables -A FORWARD -i eth0 -o eth1 -m state --state
RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Next step is to configure the DHCP-server to propagate the IP
addresses to the network. Send the gateway (10.20.30.1) with the DHCP
offer and your computers should be able to reach the internet.

Reply to:

References:
- iptables
  - From: "Manu" <manuliste@manu-dpk.net>
- Re: iptables
  - From: Ansgar Wiechers <lists@planetcobalt.net>

Prev by Date: Re: iptables
Next by Date: Re: iptables
Previous by thread: Re: iptables
Next by thread: Re: iptables
Index(es):
- Date
- Thread