RE: ip masqurade

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> computers on my LAN to gateway to the internet via my Linux Modem. My 

You use a modem, so I guess you have aa ppp internet interface and a
dynamic IP address.
That's why we'll be using MASQUERADE. Otherwise use SNAT.

> my lan which will fall in the ip range of 192.168.168.0/24. 

# First disable forwarding so that nothing will happen before your rules
are set.
echo 0 > /proc/sys/net/ipv4/ip_forward

# Forward packets coming from your LAN to internet, DROP everything
else.
# When not specifying a table, the filter table is assumed.
iptables -P FORWARD DROP
iptables -A FORWARD -i <if_lan> -o <if_inet> -s 192.168.168.0/24 -j
ACCEPT
iptables -t nat -A POSTROUTING -o <if_inet> -s 192.168.168.0/24 -j
MASQUERADE 

# Enable forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward


Gr,
Rob



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux