set up NAT (network address translation) on local server

Marko Vojinovic vvmarko at panet.rs
Thu Nov 20 15:27:49 UTC 2008


On Thursday 20 November 2008 13:52, Christopher K. Johnson wrote:
> Does /etc/sysconfig/iptables actually contain the lines
>
> *nat
>
> :PREROUTING ACCEPT [1:233]
> :POSTROUTING ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
>
> -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j SNAT --to-source 10.154.19.210
> COMMIT
>
> It seems unlikely that it was written correctly since the restart did
> not implement your SNAT rule, and this file is what a restart reads.
> Perhaps there is a bug in iptables-save?  I edit
> /etc/sysconfig/iptables directly, and recommend that if you are not
> using some firewall front-end or tool to do this, that you do the same.

:-)

I am not as much of a pro with iptables as with dhcp --- in fact, I gave up on 
learning iptables syntax a long time ago and rely on GUIs for configuration 
--- but wouldn't it be much, much easier for the OP to set up NAT using, say, 
firestarter?

First "yum install firestarter". Then run it and answer the questions that 
the wizard asks. Activate NAT options, do not touch dhcp options (this is already 
configured). The eth1 device is the local network, while eth0 is the uplink 
to outside. I don't have two network cards here now so I cannot repeat the exact 
steps, but it should be trivial in a sense.

HTH, :-)
Marko
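
One way to answer the question in the quoted reply (does the saved file really hold a committed *nat table with the SNAT rule?), added here as an example and not part of either poster's message. The helper names `parse_tables`, `opt` and `check_snat` are hypothetical, and the second sample file is constructed.

```python
import shlex

# Sample 1: the *nat section quoted in the thread.
GOOD = """\
*nat
:PREROUTING ACCEPT [1:233]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j SNAT --to-source 10.154.19.210
COMMIT
"""
# Sample 2 (constructed): only a filter table was saved, so a restart loads no NAT rule.
NO_NAT = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
"""

def parse_tables(text):
    """Return {table: {"rules": [argv, ...], "committed": bool}} from iptables-save text."""
    tables, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("*"):                      # "*nat", "*filter", ...
            current = tables.setdefault(line[1:], {"rules": [], "committed": False})
        elif current is not None and line == "COMMIT":
            current["committed"] = True
            current = None
        elif current is not None and line.startswith("-A "):
            current["rules"].append(shlex.split(line))
    return tables

def opt(argv, flag):
    """Value following `flag` in a rule's argument list, or None."""
    return argv[argv.index(flag) + 1] if flag in argv[:-1] else None

def check_snat(text, lan, uplink):
    """List the reasons the file would not source-NAT `lan` out of `uplink`."""
    nat = parse_tables(text).get("nat")
    if nat is None:
        return ["no *nat table in file"]
    problems = [] if nat["committed"] else ["*nat table has no COMMIT line"]
    for r in nat["rules"]:
        if (opt(r, "-A") == "POSTROUTING" and opt(r, "-s") == lan
                and opt(r, "-o") == uplink and opt(r, "-j") in ("SNAT", "MASQUERADE")):
            return problems
    return problems + [f"no POSTROUTING SNAT/MASQUERADE rule for {lan} via {uplink}"]
```

On the server itself, pass the contents of /etc/sysconfig/iptables as `text`; an empty list means the file a restart reads does contain the rule.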







