LinuxQuestions.org


krishanprath 09-29-2003 09:38 AM

iptables MASQUERADING at boot
 
Hi,

I have been trying to figure out what my problem is for a long time and I just can't figure it out. PLEASE HELP!

I have Red Hat 9 running on my computer.

I have inserted the following in my '/etc/init.d/iptables' file:
NOTE: #### indicates the bit I added

....
echo -n $"Clearing all current rules and user defined chains:"
let ret=0
for i in $chains; do iptables -t $i -X; let ret+=$?; done
iptables -X
let ret+=$?
if [ $ret -eq 0 ]; then
    success
else
    failure
fi
echo

####
# MASQUERADING section (i.e. allows internal network to access Internet through this)
iptables -t filter --append FORWARD --jump ACCEPT --in-interface eth1
iptables -t nat --append POSTROUTING --jump MASQUERADE --out-interface ppp0
echo 1 > /proc/sys/net/ipv4/ip_forward
echo I have enabled Internet access \(ppp0\) to intranet users \(eth1\).
# END of MASQUERADING
####

for i in $chains; do iptables -t $i -Z; done
echo -n $"Applying iptables firewall rules: "
grep -v "^[[:space:]]*#" $IPTABLES_CONFIG | grep -v '^[[:space:]]*$' | /sbin/iptables-restore -c && \
    success || \
    failure
echo

touch /var/lock/subsys/iptables
fi
......

When I reboot the computer all appears fine as I get no error messages but the masquerading simply does not work. I have no clue why because when I restart iptables it works fine.

Can anyone tell me what the problem is?
Can anyone tell me how I was supposed to identify this issue without having to ask?

Please help

snerfu 09-29-2003 10:10 AM

If you try calling the script from the end of your /etc/rc.d/rc.local file will it start properly?

krishanprath 09-30-2003 07:41 AM

I figured it out
 
My problem appeared to be that in the file /etc/sysctl.conf I had to set the variable for IP forwarding to 1 so that the file looked like:

# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

Krishan
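
An added example, not part of the thread: a check that compares the ip_forward value persisted in /etc/sysctl.conf with the value the running kernel reports, which is the mismatch described in the last post. The function names and verdict words are hypothetical; the paths default to the live system and can be overridden for testing.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Last value assigned to net.ipv4.ip_forward in a sysctl.conf-style file.
# Comment lines are skipped; a later assignment overrides an earlier one.
persistent_ip_forward() {
    conf=${1:-/etc/sysctl.conf}
    [ -r "$conf" ] || { echo unset; return 0; }
    awk -F= '
        /^[ \t]*[#;]/ { next }
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key)
            gsub(/[ \t\r]/, "", val)
            if (key == "net.ipv4.ip_forward") last = val
        }
        END { print (last == "" ? "unset" : last) }
    ' "$conf"
}

# Value the running kernel is using right now.
runtime_ip_forward() {
    cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null || echo unknown
}

# Classify the pair (persistent, runtime) into one verdict word.
diagnose_forwarding() {
    p=$(persistent_ip_forward "${1:-/etc/sysctl.conf}")
    r=$(runtime_ip_forward "${2:-/proc/sys/net/ipv4/ip_forward}")
    case "$p:$r" in
        1:1) echo ok ;;            # configured and active
        1:*) echo not-applied ;;   # configured, but the kernel value differs
        *:1) echo runtime-only ;;  # set by hand or by a script, not backed by sysctl.conf
        *)   echo disabled ;;      # forwarding is off in both places
    esac
}

# Run against the live system only when asked to: sh thisfile check
if [ "${1:-}" = "check" ]; then
    diagnose_forwarding
fi
```

A verdict of runtime-only matches the symptom in the first post: forwarding is on after a manual restart of the script, but nothing in /etc/sysctl.conf keeps it on across a reboot.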


All times are GMT -5.