On Sun, 2002-12-22 at 20:18, David Sudjiman wrote: > I use linux as a firewall and as a router. > > But, If I may recall my three-months ago, I did not suceed with my > ip_forward to just create the ip forwarding. > > All i wanted to do is to make a connection between 192.168.1.0 and > 192.168.2.0. I have to use NAT for this. > > Did I do the right thing? Because all I know is I should not using NAT if > I only wanted for routing packets > > > On Sun, 22 Dec 2002, Chris Bice wrote: > > first : echo "1" /proc/sys/net/ipv4/ip_forward "enables ip forwarding" > > > > second : iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE "enables nat" > > > ----- You need a set of iptables rules as a firewall and at least the rule listed above to "NAT" which is the network address translation for the computers behind the firewall to operate. Yes, you must enable ip_forwarding but that by itself isn't enough. I would heavily recommend that you investigate David Ranch's linux masquerade howto... <http://www.ecst.csuchico.edu/~dranch/LINUX/ipmasq/c-html/index.html> While it may take a few minutes longer, you will learn something and secure your machine and your network in the process. Craig -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
