On December 23, 2004 12:53 am, Mollatt Ntini wrote: > Hello everyone > > I have googled and googled, but I believe it's the correct search keyword > that I am missing. What I am about to ask has been discussed on this list, > but I just don't seem to be able to track it down - in the archives, FAQ, > sample configs! > > I have one of those *stupid* requests again: I need to put an IP Forwarding > or IP Masquerade on a REDHAT 9, basically what I need is to have my LAN to > access any outside network, whether ping, trace etc, and just leave my WAN > network in its current state. How do I do this. > > Please help! Hi, If you simply after the rules to allow all outbound traffic and to mask it as one source IP on the outside, the following is what you need. However, there is lots more involved to make a secure fw, depending on what else needs to flow. You still need a proper fw script to flush rules, block bad things etc. possible values: [ EXT_IF="eth0" LAN_RANGE="192.168.1.0/24" LAN_IP="192.168.1.254"] $IPTABLES -A POSTROUTING -t nat -o $EXT_IF -s $LAN_RANGE -j MASQUERADE $IPTABLES -A FORWARD -i $LAN_IF -s $LAN_RANGE -j ACCEPT you probably already have these.... $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A FORWARD -m limit -j LOG --log-prefix "NetF FORWARD CHAIN: " $IPTABLES -A FORWARD -j DROP hope that is what your after. -- Pete Nesbitt, rhce -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
