Please help with iptables FORWARD...
Good morning,
I'm trying to set up my Red Hat router to be a little bit more safe; here is my
current setup.
# delete old rules
iptables -F
iptables -t nat -F
# enable masquerading
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
# enable ip_forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
# set standard chain policies to DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
# set INPUT rules
iptables -A INPUT -p tcp -s 192.168.1.0/24 -i eth0 --dport 22 -j ACCEPT
# set FORWARD rules
iptables -A FORWARD -s 192.168.1.0/24 -i eth0 -o ppp0 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -i ppp0 -o eth0 -j ACCEPT
# set OUTPUT rules
iptables -A OUTPUT -p tcp -d 192.168.1.0/24 -o eth0 --sport 22 -j ACCEPT
Everything works fine, but all traffic and all ports can be used, and that's not
what I want.
Now I deleted the FORWARD rules and changed them to:
iptables -A FORWARD -s 192.168.1.0/24 -p tcp --dport 80 -i eth0 -o ppp0 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -p tcp --sport 80 -i ppp0 -o eth0 -j ACCEPT
in the hope of forwarding only HTTP traffic, but it doesn't work.
Can anyone help, please?
Best wishes
Daniel Krueger
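
Added example, not part of the original post: with only the two tcp/80 rules in FORWARD, DNS lookups from the LAN (port 53) are dropped, so browsers cannot resolve host names. The sketch below reuses the post's interfaces and LAN range, assumes the clients' resolver is reached through ppp0, and prints the commands as a dry run unless IPT=iptables is set.

```shell
#!/bin/sh
# Added example (not from the original post). Interface names and the LAN
# range come from the post; the stateful design is this example's choice.
# Dry run by default: prints the commands. Run as root with IPT=iptables
# to apply them.
IPT="${IPT:-echo iptables}"
LAN="192.168.1.0/24"
LAN_IF="eth0"
WAN_IF="ppp0"

# Allow one outbound service (protocol, destination port) from LAN to WAN.
# Only packets that open a new connection are matched here.
allow_out() {
    $IPT -A FORWARD -s "$LAN" -i "$LAN_IF" -o "$WAN_IF" \
        -p "$1" --dport "$2" -m state --state NEW -j ACCEPT
}

forward_http_only() {
    $IPT -F FORWARD
    $IPT -P FORWARD DROP
    # Replies are accepted only when they belong to a connection the LAN
    # opened; RELATED also admits ICMP errors such as fragmentation-needed.
    # This replaces the "--sport 80" reply rule, which matches on a source
    # port chosen by the remote side rather than on connection state.
    # (Newer iptables spells this match "-m conntrack --ctstate".)
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    allow_out udp 53   # DNS queries
    allow_out tcp 53   # DNS over TCP (large answers)
    allow_out tcp 80   # HTTP
}

forward_http_only
```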