I am trying to provide a gateway for firewalling Windows.
I have two ethernet ports :-
enp4s0: which is external onto another router onto the internet on 192.168.1.0/8
enp5s5: which is my internal Windows network.
I have the following rule working :-
iptables -t nat -A POSTROUTING ! -d 192.0.1.0/8 -o enp4s0 -j MASQUERADE
Why do we need the '! -d 192.0.1.0/8'? This does not seem to make any sense.
I am trying to just allow ports 53 (DNS) and 443 (HTTPS) to be allowed
through, so I tried :-
iptables -t nat -A POSTROUTING ! -d 192.0.1.0/8 -p tcp --dport 53 -o enp4s0 -j MASQUERADE
iptables -t nat -A POSTROUTING ! -d 192.0.1.0/8 -p udp --dport 53 -o enp4s0 -j MASQUERADE
iptables -t nat -A POSTROUTING ! -d 192.0.1.0/8 -p tcp --dport 533 -o enp4s0 -j MASQUERADE
But it is failing.
Hope I am doing something simple wrong !
--
Aaron Gray
Independent Open Source Software Engineer, Computer Language Researcher,
Information Theorist, and amateur computer scientist.
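As an added example (not part of Aaron's post or any reply to it): the port restriction belongs in the filter table's FORWARD chain, where the gateway decides what to forward, while MASQUERADE in nat/POSTROUTING only rewrites the source address of whatever is forwarded. The script below assumes the same interface names as the post, a 192.168.1.0/24 internal LAN (an assumption; the post mixes /8 masks), and uses a source match on that LAN instead of the '! -d' destination exclusion; it only prints the rules unless run with --apply.

```shell
#!/bin/sh
# Added example: a gateway ruleset that masquerades outbound LAN traffic
# and filters forwarded traffic down to DNS (53/udp, 53/tcp) and HTTPS (443/tcp).
# Assumptions: external interface enp4s0, internal interface enp5s5,
# internal LAN 192.168.1.0/24 (the /24 is assumed, not taken from the post).
EXT_IF="${EXT_IF:-enp4s0}"
INT_IF="${INT_IF:-enp5s5}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"

# gateway_rules prints one iptables command per line so the set can be
# reviewed before anything touches the kernel. Order matters: the policy
# is DROP, replies are accepted first, then only the three allowed services.
gateway_rules() {
    cat <<EOF
iptables -t nat -F POSTROUTING
iptables -F FORWARD
iptables -P FORWARD DROP
iptables -t nat -A POSTROUTING -s $LAN_NET -o $EXT_IF -j MASQUERADE
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INT_IF -o $EXT_IF -s $LAN_NET -p udp --dport 53 -j ACCEPT
iptables -A FORWARD -i $INT_IF -o $EXT_IF -s $LAN_NET -p tcp --dport 53 -j ACCEPT
iptables -A FORWARD -i $INT_IF -o $EXT_IF -s $LAN_NET -p tcp --dport 443 -j ACCEPT
iptables -A FORWARD -j LOG --log-prefix "FWD-DROP: "
EOF
}

# count_forward_accepts returns how many ACCEPT rules the FORWARD chain
# gets, a quick sanity check that the allow-list is as small as intended.
count_forward_accepts() {
    gateway_rules | grep -c -- '-A FORWARD .* -j ACCEPT'
}

# apply_rules enables IPv4 forwarding and runs every generated rule.
# Requires root; nothing in this script applies rules unless asked to.
apply_rules() {
    sysctl -w net.ipv4.ip_forward=1
    gateway_rules | while IFS= read -r rule; do eval "$rule"; done
}

case "${1:-}" in
    --apply) apply_rules ;;
    *) gateway_rules ;;
esac
```

Anything the LAN sends that is not DNS or HTTPS now hits the LOG rule and then the DROP policy, so the kernel log shows exactly which flows the allow-list is rejecting.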