On Fri, 2003-02-28 at 09:43, muffadal.essaji@mail.intafrica.com wrote:
> hi thanks
> i need to put the ip forwarding permanent.
> how can i do it.

Which distribution?
Check if there is a /etc/sysctl.conf file. If there is you can enter it there. Otherwise you have to edit your /etc/rc.d/rc.local file.

Cheers,

Ralf

> urgent
> muffadal.
>
>
> On Fri, 2003-02-28 at 06:26, muffadal.essaji@mail.intafrica.com wrote:
> >> hi.
> >> i need a step by step procedure to configure NAT.
> >> I have eth1 that's my internal internetwork
> >> and eth0 which have a public ip.
> > Ok, let's see.
> > Either you have a static or dynamic public IP.
> >
> > #!/bin/bash
> > # Firewall script
> > # We need to load several modules for NAT
> > modprobe ip_tables
> > modprobe ip_conntrack_ftp
> > modprobe ip_nat_ftp
> > # In both cases you need to have forwarding on:
> > sysctl -w net.ipv4.ip_forward=1
> > # In both cases you need some rules to forward the traffic:
> > # Drop everything by default
> > iptables -P FORWARD DROP
> > # Allow new connections from the inside
> > iptables -A FORWARD -i eth1 -o eth0 -m state --state NEW -j ACCEPT
> > # Allow established connections to communicate
> > iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
> > # Now NAT, you want the following rule for a static IP
> > iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to <enter your IP here>
> > # if you use a dynamic IP you need:
> > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> >
> >
> > Cheers,
> >
> > Ralf
> >> i need all internal machines to access the internet.
> >> i went to documentation but i went crazy.
> >> urgent help.
> >> yours
> >> muffadal
> >>
> >>
> >>
> > --
> > Ralf Spenneberg
> > RHCE, RHCX
> >
> > IPsec/PPTP Kernels for Red Hat Linux:
> > http://www.spenneberg.com/.net/.org/.de
> > Honeynet Project Mirror: http://honeynet.spenneberg.org
> > Snort Mirror: http://snort.spenneberg.org
>
>
--
Ralf Spenneberg
RHCE, RHCX

IPsec/PPTP Kernels for Red Hat Linux: http://www.spenneberg.com/.net/.org/.de
Honeynet Project Mirror: http://honeynet.spenneberg.org
Snort Mirror: http://snort.spenneberg.org
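
An added example, not part of the original thread: one way to make the /etc/sysctl.conf entry mentioned in the reply idempotent, so re-running it neither duplicates the key nor leaves an older `= 0` line active. The function names `persist_ip_forward` and `ip_forward_persisted` are hypothetical, and the file path is an argument so it can be tried on a copy first.

```shell
#!/bin/bash
# Added example (not from the thread). Function names are hypothetical.

# persist_ip_forward FILE
# Ensure FILE (sysctl.conf syntax) has exactly one active line
# "net.ipv4.ip_forward = 1". Comment lines are left untouched.
persist_ip_forward() {
    conf="$1"
    key="net.ipv4.ip_forward"
    [ -n "$conf" ] || { echo "usage: persist_ip_forward FILE" >&2; return 2; }
    [ -e "$conf" ] || : > "$conf" || return 1

    tmp=$(mktemp) || return 1
    # Rewrite the first active "key = value" line, drop later duplicates
    # (a stale "= 0" further down would otherwise override the fix),
    # and append the key if the file never set it.
    awk -v key="$key" '
        /^[ \t]*[#;]/ { print; next }        # sysctl.conf comment lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            split(line, kv, "=")
            name = kv[1]
            gsub(/[ \t]+$/, "", name)
            if (name == key && index(line, "=") > 0) {
                if (!done) { print key " = 1"; done = 1 }
                next
            }
            print
        }
        END { if (!done) print key " = 1" }
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Write back through the existing file so owner and mode are preserved
    cat "$tmp" > "$conf" && rm -f "$tmp"
}

# ip_forward_persisted FILE
# Return 0 if FILE contains an active line enabling forwarding.
ip_forward_persisted() {
    grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1"
}
```

Run as root against /etc/sysctl.conf, `sysctl -p` then loads the file without a reboot.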