Glen Spidal wrote:
Can't you set up the Windows 2000 Pro as a client, and use Linux as the main router? What IPTables commands do I need to issue in a script to allow port 25 and 110 (email) to work. See attached PDF file.
Otherwise you need to do:
1) add destination(192.168.254.X)-gateway(192.168.0.47) route for each client PC on the windows PC,
since the client IPs are dynamic, this is impractical.
OR
2) enable MASQUERADING on the linuxbox
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
In both cases enable ip_forwarding on the linuxbox.
echo "1" > /proc/sys/net/ipv4/ip_forward
This of course doesn't matter for http if you use a proxy, but anything else
won't work without one of the two mentioned above.
Then you can add some rules like:
iptables -P FORWARD DROP
iptables -A FORWARD -i eth0 -o eth1 -p tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 25 -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -p tcp --sport 110 -m state --state ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 110 -j ACCEPT
The ip of eth0 (192.168.254.250) is the same as the dhcp-server (192.168.254.250) which
doesn't make sense (to me).
( eth0 = connected to windows, eth1 connect to switch )
HTH
greetz
B.Mermuys
Glen Spidal, Hillsboro, Oregon, USA. PH: 503-681-9786 FX: 503-615-2936
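
Added example (not part of the original message): a shell function that prints the full rule set from the reply above (forwarding, masquerading, default-drop FORWARD policy, one rule pair per mail port) so it can be reviewed before being run as root. The name mail_forward_rules and the WAN_IF/LAN_IF variables are assumptions; eth0/eth1 follow the post, and restricting the outbound rule to NEW,ESTABLISHED is a tightening not in the original.

```shell
#!/bin/sh
# Interface roles as described in the post (assumed defaults, override via env):
#   eth0 = side connected to the Windows box, eth1 = side connected to the switch.
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"

# Print the commands for the given TCP ports, one per line.
# Nothing is executed here; the output is meant to be read first.
mail_forward_rules() {
    [ "$#" -ge 1 ] || { echo "usage: mail_forward_rules PORT..." >&2; return 1; }

    # Reject anything that is not a valid TCP port before emitting a rule.
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2
            return 1
        fi
    done

    # Routing between the two interfaces must be on in either setup.
    echo "echo 1 > /proc/sys/net/ipv4/ip_forward"
    # Hide the dynamic client addresses behind the address of the WAN side.
    echo "iptables -t nat -A POSTROUTING -o $WAN_IF -j MASQUERADE"
    # Default deny: only the flows listed below are forwarded.
    echo "iptables -P FORWARD DROP"

    for port in "$@"; do
        # Clients may open and continue connections to this port.
        echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -p tcp --dport $port -m state --state NEW,ESTABLISHED -j ACCEPT"
        # Replies come back only for connections that already exist.
        echo "iptables -A FORWARD -i $WAN_IF -o $LAN_IF -p tcp --sport $port -m state --state ESTABLISHED -j ACCEPT"
    done
}
```

Source the file and run mail_forward_rules 25 110 to print the commands; once they look right, pipe the output to sh as root.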