Re: setting up nat

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,
Here you have a little gui/wizard that i found on the NET for firewall, but no, NAT, of course you can add the lines that Arun sent to you to the file that result of running this wizard. 

or modify the wizard to be able to manage NAT also ;)

regards,

Guillermo.


Antoine wrote:

Thanks for that... but I hope you are joking! You mean there is no
gui/wizard for setting up nat?!?
Cheers
Antoine

On 19/05/06, Arun Binaykia <arun@xxxxxxxxxxxx> wrote:

Hello,

eth0 is the lan interface,
eth1 is the wan interface.

substitute eth1 with your ppp interface

This is my script for nat and firewall. It's a part of /etc/rc.local

I've use the following tutorial, iptables are not very difficult.
http://iptables-tutorial.frozentux.net/iptables-tutorial.html#HOWARULEISBUILT 

#=====
iptables --flush
iptables --flush -t nat
iptables --append FORWARD --in-interface eth0 -j ACCEPT
iptables -A FORWARD -i eth1 -m state --state NEW,INVALID -j DROP
iptables -t nat -A POSTROUTING  -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -P INPUT DROP
iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -i eth1 -p udp -j ACCEPT
#==== if you want just nat stop here
iptables -A INPUT -i eth1 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 80 -j ACCEPT
#=====

HTH
Arun


On Fri, 2006-05-19 at 21:48 +0200, Antoine wrote:
> Hi,
> I am relatively new to fedora (just done two years of gentoo), and
> quite a bit of googling didn't turn up any easy way to activate nat. I
> have a few machines that I want to be nat'ed through a fc5 box
> connecting via pppoe. I installed firestarter but it won't activate
> nat until I restart my adsl connection (which means sshing into my
> router box and restarting... ok for me but not for the missus!). I
> can't believe there is no standard way to set up nat, so if anyone has
> any pointers I am all ears.
> Cheers
> Antoine
>
> --
> This is where I should put some witty comment.
>

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Attachment: firewall_install.sh
Description: application/shellscript

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux