setting up nat

Guillermo Garron ggarron at alketech.com
Sat May 20 13:31:18 UTC 2006 

Hi,

Here you have a little gui/wizard that i found on the NET for firewall, 
but no, NAT, of course you can add the lines that Arun sent to you to 
the file that result of running this wizard.

or modify the wizard to be able to manage NAT also ;)

regards,

Guillermo.


Antoine wrote:
> Thanks for that... but I hope you are joking! You mean there is no
> gui/wizard for setting up nat?!?
> Cheers
> Antoine
> 
> On 19/05/06, Arun Binaykia <arun at binaykia.com> wrote:
>> Hello,
>>
>> eth0 is the lan interface,
>> eth1 is the wan interface.
>>
>> substitute eth1 with your ppp interface
>>
>> This is my script for nat and firewall. It's a part of /etc/rc.local
>>
>> I've use the following tutorial, iptables are not very difficult.
>>
>> http://iptables-tutorial.frozentux.net/iptables-tutorial.html#HOWARULEISBUILT 
>>
>>
>> #=====
>> iptables --flush
>> iptables --flush -t nat
>> iptables --append FORWARD --in-interface eth0 -j ACCEPT
>> iptables -A FORWARD -i eth1 -m state --state NEW,INVALID -j DROP
>> iptables -t nat -A POSTROUTING  -j MASQUERADE
>> echo 1 > /proc/sys/net/ipv4/ip_forward
>> iptables -P INPUT DROP
>> iptables -A INPUT -i eth0 -j ACCEPT
>> iptables -A INPUT -s 127.0.0.1 -j ACCEPT
>> iptables -A INPUT -i eth1 -p udp -j ACCEPT
>> #==== if you want just nat stop here
>> iptables -A INPUT -i eth1 -p tcp --dport 22 -j ACCEPT
>> iptables -A INPUT -i eth1 -p tcp --dport 80 -j ACCEPT
>> #=====
>>
>> HTH
>> Arun
>>
>>
>> On Fri, 2006-05-19 at 21:48 +0200, Antoine wrote:
>> > Hi,
>> > I am relatively new to fedora (just done two years of gentoo), and
>> > quite a bit of googling didn't turn up any easy way to activate nat. I
>> > have a few machines that I want to be nat'ed through a fc5 box
>> > connecting via pppoe. I installed firestarter but it won't activate
>> > nat until I restart my adsl connection (which means sshing into my
>> > router box and restarting... ok for me but not for the missus!). I
>> > can't believe there is no standard way to set up nat, so if anyone has
>> > any pointers I am all ears.
>> > Cheers
>> > Antoine
>> >
>> > --
>> > This is where I should put some witty comment.
>> >
>>
>> -- 
>> fedora-list mailing list
>> fedora-list at redhat.com
>> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>>
> 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: firewall_install.sh
Type: application/x-shellscript
Size: 94031 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060520/ad73338a/attachment-0001.bin>

More information about the fedora-list mailing list