
[K12OSN] conversion from ipchains to iptables



Good morning!

I've updated our firewall to RH 7.2 and now I want to convert from ipchains to iptables so some users can use FTP in some applications - won't work in ipchains because of NAT. I'm having trouble getting our transparent redirect to work correctly and thought someone might be able to help?

Here's what I have for basic rules I'm working with right now:

############################
#eth0 == private side (10.x.x.x)
#eth1 == public side (204.x.x.x)

iptables -P INPUT DROP
iptables -A INPUT -s 10.x.x.0/24 -j ACCEPT
iptables -A INPUT -s 204.x.x.0/24 -j ACCEPT
iptables -A OUTPUT -d 10.x.x.0/24 -j ACCEPT
iptables -A OUTPUT -d 204.x.x.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -d ! 10.x.x.0/24 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 REDIRECT --to-port 3218

#At this point I need to load the mod. so FTP will work with iptables.
###################
This all seems good till it comes to that last line with the REDIRECT. That doesn't want to work, and so everyone gets around the squid/squidguard box.


Thanks for any and all help!

Andy

Andy Hall, Technology Director
Wellington-Napoleon R-9 School District
Wellington, MO  64097
(816)240-2621; fax (816)934-8649
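
An added example, not part of the original message: a shell check that reads the posted REDIRECT rule as text and reports two things iptables and the described topology require, namely that the target follows `-j` and that the rule matches on the interface where the clients to be intercepted arrive (eth0, the private side, per the comments in the post). The helper name `lint_redirect` and the corrected rule are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): lint an iptables REDIRECT rule
# as text, so it runs without root and without touching netfilter.

# lint_redirect RULE LAN_IF: prints one finding per line, nothing if clean.
# lint_redirect is a hypothetical helper name.
lint_redirect() {
    rule=$1; lan_if=$2
    prev=""; in_if=""; table="filter"; target_seen=0; jump_ok=0
    for tok in $rule; do
        case "$prev" in
            -t|--table)        table=$tok ;;
            -i|--in-interface) in_if=$tok ;;
        esac
        if [ "$tok" = "REDIRECT" ]; then
            target_seen=1
            case "$prev" in -j|--jump) jump_ok=1 ;; esac
        fi
        prev=$tok
    done
    if [ "$target_seen" -eq 0 ]; then
        echo "no REDIRECT target in rule"
        return 0
    fi
    if [ "$jump_ok" -eq 0 ]; then
        echo "REDIRECT is not preceded by -j, so iptables cannot parse it as the target"
    fi
    if [ "$table" != "nat" ]; then
        echo "REDIRECT is only valid in the nat table (got: $table)"
    fi
    # A rule with no -i matches every interface, so only a wrong -i is flagged.
    if [ -n "$in_if" ] && [ "$in_if" != "$lan_if" ]; then
        echo "matches -i $in_if but LAN clients arrive on $lan_if"
    fi
    return 0
}

# The rule exactly as posted, and a constructed corrected form (assumption).
POSTED='iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 REDIRECT --to-port 3218'
FIXED='iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3218'

echo "posted rule:";    lint_redirect "$POSTED" eth0
echo "corrected rule:"; lint_redirect "$FIXED" eth0
```

Redirected packets are delivered locally, so they still have to pass the INPUT chain; the posted `-s 10.x.x.0/24 -j ACCEPT` rule already covers that for LAN clients.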





