RE: iptables rules to connect through a linux firewall

> I'm trying to connect a windows XP client to a remote pptp server. I'm
> using windows XP at home on my home network which connects to the
> internet via a fedora linux firewall using iptables with nat.
> 
> What iptables rules do I need to insert to allow this to happen. I
> guess I just need to forward packets.


$modprobe ip_nat_pptp
$modprobe ip_nat_proto_gre
$modprobe ip_conntrack_pptp
$modprobe ip_conntrack_proto_gre

$ipt -P FORWARD DROP
$ipt -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
$ipt -A FORWARD -m state --state NEW -i <if_lan> -o <if_inet> \
  -s <net_lan> -p gre -j ACCEPT
$ipt -A FORWARD -m state --state NEW -i <if_lan> -o <if_inet> \
  -s <net_lan> -p tcp --dport 1723 -j ACCEPT

$ipt -t nat -A POSTROUTING -o <if_inet> -s <net_lan> \
  -j SNAT --to <inet_ip>

And don't forget to enable ip forwarding...


Gr,
Rob
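
A preflight check for the setup in the reply above, added here as an example and not part of the original mail. The function names, the file-based inputs and the use of iptables-save output are assumptions of this example; the module names and the tcp/1723 and GRE rules are the ones from the reply.

```sh
#!/bin/sh
# Added example, not from the original mail. Each check reads a file, so it
# works on live data or on saved copies, e.g.:
#   preflight /proc/modules /proc/sys/net/ipv4/ip_forward rules.txt
# rules.txt is assumed to hold iptables-save output. Module names are those in
# the reply; helpers compiled into the kernel are not listed in /proc/modules
# and will be reported as not loaded.
REQUIRED_MODULES="ip_nat_pptp ip_nat_proto_gre ip_conntrack_pptp ip_conntrack_proto_gre"

# Print each required module absent from file $1 (/proc/modules format).
missing_modules() {
    for m in $REQUIRED_MODULES; do
        awk -v m="$m" '$1 == m { f = 1 } END { exit !f }' "$1" || printf '%s\n' "$m"
    done
}

# Succeed only if file $1 (ip_forward format) contains 1.
forwarding_enabled() {
    [ "$(tr -d '[:space:]' < "$1")" = "1" ]
}

# has_forward_rule FILE SUBSTR...: succeed if a single FORWARD ACCEPT rule in
# FILE contains every SUBSTR.
has_forward_rule() {
    file=$1; shift
    lines=$(grep -e '^-A FORWARD .*-j ACCEPT' "$file") || return 1
    for p in "$@"; do
        lines=$(printf '%s\n' "$lines" | grep -F -e "$p") || return 1
    done
}

# Print one line per problem; return 0 only when nothing is missing.
preflight() {
    rc=0
    for m in $(missing_modules "$1"); do
        echo "module not loaded: $m"; rc=1
    done
    forwarding_enabled "$2" || { echo "ip forwarding is disabled"; rc=1; }
    has_forward_rule "$3" 'ESTABLISHED' ||
        { echo "no FORWARD rule for established/related traffic"; rc=1; }
    has_forward_rule "$3" '--dport 1723 ' '-p tcp' ||
        { echo "no FORWARD rule for the PPTP control channel (tcp/1723)"; rc=1; }
    has_forward_rule "$3" '-p gre ' || has_forward_rule "$3" '-p 47 ' ||
        { echo "no FORWARD rule for GRE (protocol 47)"; rc=1; }
    return $rc
}
```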


