- Iptables question..
- Posted by ishwar on July 17th, 2003
Hello,
System is Mandrake-9.1 with kernel version 2.4.20.
Context is Iptables rule given Ipchains rule.
Assume that EXTERNAL is the LAN/Internet connection interface
and LOCALNET is the local LAN on another interface (both on the same
Linux box), forward from LOCALNET to EXTERNAL in IPchains
ipchains -A forward -i $EXTERNAL -s $LOCALNET -j MASQ
a literal translation to Iptables produces errors. What is the correct
translation?
Thanks in advance,
-ishwar
- Posted by Robert Jirik on July 17th, 2003
ishwar wrote:
Not really familiar with iptables, but I have the following in my script
file:
iptables -t nat -A POSTROUTING -o $OUTIF -j MASQUERADE
iptables -A FORWARD -i $INIF -j ACCEPT
iptables -A FORWARD -i lo -j ACCEPT
where OUTIF is eth1 (ppp0, whatever), INIF is eth0 (...)
It definitely works for me ...
this should work for incoming packets:
iptables -A FORWARD -i $OUTIF -o $INIF -m state --state ESTABLISHED,RELATED -j ACCEPT # accepts only packets we want
.... do not beat me if I'm wrong
--
Robert Jirik
[mailto:robert(at)aristoteles(dot)xhaven(dot)net]
public PGP key: http://xhaven.net/robert/pgp_key.asc
-
"Somewhere, something incredible is waiting to be known"
-- Carl Sagan
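The translation asked about in this thread, as an added example that is not part of either post: a small shell function that takes the ipchains `forward ... -j MASQ` rule and prints the matching iptables commands. It relies on the fact that `-i` on ipchains' forward chain names the outgoing interface; the function name `masq_to_iptables` and the sample values `eth1` and `192.168.1.0/24` are assumptions made for the example.

```shell
#!/bin/sh
# Added example: turn one ipchains "forward ... -j MASQ" rule into the
# equivalent iptables commands. It only prints them, for review before use.

masq_to_iptables() {
    # $1 = a single ipchains rule with variables already expanded
    chain="" out_if="" src="" target=""
    set -f          # no filename globbing while splitting the rule into words
    set -- $1
    set +f
    while [ $# -gt 0 ]; do
        case "$1" in
            -A|-i|-s|-j)
                [ $# -ge 2 ] || { echo "missing value after $1" >&2; return 2; }
                case "$1" in
                    -A) chain=$2 ;;
                    -i) out_if=$2 ;;   # on ipchains' forward chain, -i is the OUTGOING interface
                    -s) src=$2 ;;
                    -j) target=$2 ;;
                esac
                shift ;;
        esac
        shift
    done
    if [ "$chain" != forward ] || [ "$target" != MASQ ] || [ -z "$out_if" ]; then
        echo "not a forward/MASQ rule with -i: nothing to translate" >&2
        return 1
    fi
    s_opt=${src:+ -s $src}   # source match, only if the original rule had one
    d_opt=${src:+ -d $src}   # same network as destination, for reply traffic
    # 1. NAT moved to the nat table, applied as packets leave the external interface
    echo "iptables -t nat -A POSTROUTING -o $out_if$s_opt -j MASQUERADE"
    # 2. ipchains MASQ also let the packet through; iptables filters FORWARD separately
    echo "iptables -A FORWARD -o $out_if$s_opt -j ACCEPT"
    # 3. replies only, using the same state match as the reply in this thread
    echo "iptables -A FORWARD -i $out_if$d_opt -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Constructed sample values: eth1 as EXTERNAL, 192.168.1.0/24 as LOCALNET
masq_to_iptables "ipchains -A forward -i eth1 -s 192.168.1.0/24 -j MASQ"
```

The printed FORWARD rules only matter when the FORWARD chain's policy is not ACCEPT; with a DROP policy they are what lets masqueraded traffic and its replies through.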

