#--------------------------------------------------------------- # Load the NAT module # # Note: It is best to use the /etc/rc.local example in this # chapter. This value will not be retained in the # /etc/sysconfig/iptables file. Included only as a reminder. #--------------------------------------------------------------- modprobe iptable_nat #--------------------------------------------------------------- # Enable routing by modifying the ip_forward /proc filesystem file # # Note: It is best to use the /etc/sysctl.conf example in this # chapter. This value will not be retained in the # /etc/sysconfig/iptables file. Included only as a reminder. #--------------------------------------------------------------- echo 1 > /proc/sys/net/ipv4/ip_forward #--------------------------------------------------------------- # Allow masquerading # - Interface eth0 is the internet interface # - Interface eth1 is the private network interface #--------------------------------------------------------------- iptables -A POSTROUTING -t nat -o eth0 -s 192.168.1.0/24 -d 0/0 \ -j MASQUERADE #--------------------------------------------------------------- # Prior to masquerading, the packets are routed via the filter # table's FORWARD chain. # Allowed outbound: New, established and related connections # Allowed inbound : Established and related connections #--------------------------------------------------------------- iptables -A FORWARD -t filter -o eth0 -m state \ --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -t filter -i eth0 -m state \ --state ESTABLISHED,RELATED -j ACCEPT
thank you for faj-kumar for let me find this
No comments:
Post a Comment