Re: NAT via /etc/sysconfig/iptables




>Does anybody have a sample iptables config file that would incorporate
>NAT and forwarding for a simple router?

Turn on IP forwarding in sysctl.conf:
net.ipv4.ip_forward = 1

Then rules something like this (tune for your needs):
# Interface names are placeholders; set them to match your system
WAN=eth0
LAN=eth1
# Accept packets belonging to established and related connections
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Set up masquerading on the WAN interface and forward the specified requests
/sbin/iptables -A POSTROUTING -t nat -o $WAN -j MASQUERADE
/sbin/iptables -A FORWARD -i $LAN -o $WAN -m state --state NEW,ESTABLISHED,RELATED -p tcp -m multiport --dports 80,443 -j ACCEPT
/sbin/iptables -A FORWARD -i $WAN -o $LAN -m state --state RELATED,ESTABLISHED -j ACCEPT


Have a quick read on:
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptables

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
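
The rules from the reply above, written in the iptables-restore format that /etc/sysconfig/iptables uses. This is an added example, not part of the original message. The function names, the eth0/eth1 interface names and the FORWARD policy of DROP are assumptions; without a DROP policy the FORWARD rules restrict nothing, because the chain accepts everything by default.

```shell
#!/bin/sh
# Added example: print a ruleset for /etc/sysconfig/iptables that matches the
# iptables commands in the post. Function names are hypothetical.

valid_ifname() {
    # Reject empty names and anything outside a conservative character set,
    # so an argument cannot smuggle extra rule text into the file.
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    # Linux interface names are at most 15 characters.
    [ "${#1}" -le 15 ]
}

gen_nat_ruleset() {
    wan=$1
    lan=$2
    valid_ifname "$wan" && valid_ifname "$lan" || {
        echo "invalid interface name" >&2; return 1; }
    [ "$wan" != "$lan" ] || {
        echo "WAN and LAN must be different interfaces" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Masquerade everything leaving through the WAN interface
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
# INPUT and OUTPUT policies are left at ACCEPT, as in the post (it sets none)
:INPUT ACCEPT [0:0]
# Assumption: default-deny forwarding so only the rules below pass traffic
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# LAN clients may open web connections outbound; only replies come back in
-A FORWARD -i $lan -o $wan -p tcp -m state --state NEW,ESTABLISHED,RELATED -m multiport --dports 80,443 -j ACCEPT
-A FORWARD -i $wan -o $lan -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Syntax-check before installing (needs root):
#   gen_nat_ruleset eth0 eth1 | /sbin/iptables-restore --test
```

With only ports 80 and 443 forwarded, LAN clients need another path for DNS (for example a resolver on the router itself) or an additional FORWARD rule for it.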

