iptables MASQUERADING at boot
Hi,
I have been trying to figure out what my problem is for a long time and I just can't figure it out. PLEASE HELP! I have redhat 9 running on my computer. I have inserted the following in my '/etc/init.d/iptables' file:

NOTE: #### indicate the bit I added

    ....
        echo -n $"Clearing all current rules and user defined chains:"
        let ret=0
        for i in $chains; do iptables -t $i -X; let ret+=$?; done
        iptables -X
        let ret+=$?
        if [ $ret -eq 0 ]; then
            success
        else
            failure
        fi
        echo

        ####
        # MASQUERADING section (ie allows internal network to access Internet through this)
        iptables -t filter --append FORWARD --jump ACCEPT --in-interface eth1
        iptables -t nat --append POSTROUTING --jump MASQUERADE --out-interface ppp0
        echo 1 > /proc/sys/net/ipv4/ip_forward
        echo I have enabled Internet access \(ppp0\) to intranet users \(eth1\).
        # END of MASQUERADING
        ####

        for i in $chains; do iptables -t $i -Z; done

        echo -n $"Applying iptables firewall rules: "
        grep -v "^[[:space:]]*#" $IPTABLES_CONFIG | grep -v '^[[:space:]]*$' | /sbin/iptables-restore -c && \
            success || \
            failure
        echo
        touch /var/lock/subsys/iptables
    fi
    ......

When I reboot the computer all appears fine as I get no error messages but the masquerading simply does not work. I have no clue why because when I restart iptables it works fine. Can anyone tell me what the problem is? Can anyone tell me how I was supposed to identify this issue without having to ask? Please help
If you try calling the script from the end of your /etc/rc.d/rc.local file will it start properly?
I figured it out
My problem appeared to be that in the file /etc/sysctl.conf I had to set the variable for IP forwarding to 1 so that the file looked like:
    # Kernel sysctl configuration file for Red Hat Linux
    #
    # For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
    # sysctl.conf(5) for more details.

    # Controls IP packet forwarding
    net.ipv4.ip_forward = 1

    # Controls source route verification
    net.ipv4.conf.default.rp_filter = 1

    # Controls the System Request debugging functionality of the kernel
    kernel.sysrq = 0

    # Controls whether core dumps will append the PID to the core filename.
    # Useful for debugging multi-threaded applications.
    kernel.core_uses_pid = 1

Krishan
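A check for the mismatch described in this thread, as an added example that is not part of the original posts: it compares the persistent net.ipv4.ip_forward value in a sysctl.conf file with the running kernel value, and looks for the MASQUERADE rule in iptables-save output. The function names are made up for this example, and the file paths are passed as arguments so the checks can also be run against copies of the files.

```shell
#!/bin/sh
# Added example (hypothetical helper names): find out why forwarding works
# after a manual restart of the firewall script but not after a reboot.

# Print the last value assigned to KEY in a sysctl.conf-style file.
# Lines starting with '#' or ';' are comments; prints nothing if KEY is absent.
conf_value() {  # usage: conf_value KEY FILE
    awk -F= -v key="$1" '
        /^[ \t]*[#;]/ { next }
        {
            k = $1; v = $2
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }' "$2"
}

# Compare the persistent setting with the running value.
# Prints one of: ok, runtime-only, persistent-only, disabled
forward_state() {  # usage: forward_state CONF_FILE RUNTIME_FILE
    persistent=$(conf_value net.ipv4.ip_forward "$1")
    runtime=$(tr -d '[:space:]' < "$2")
    case "${persistent:-0}:${runtime:-0}" in
        1:1) echo ok ;;
        # Written to /proc by hand or by a script; replaced by the value in
        # the file the next time sysctl.conf is applied.
        0:1) echo runtime-only ;;
        # Set in the file but not applied to the running kernel yet.
        1:0) echo persistent-only ;;
        *)   echo disabled ;;
    esac
}

# Succeed if iptables-save output on stdin contains a MASQUERADE rule
# in POSTROUTING for the given outgoing interface.
has_masquerade() {  # usage: iptables-save -t nat | has_masquerade IFACE
    grep -q -- "^-A POSTROUTING .*-o $1 .*-j MASQUERADE"
}

# On the gateway itself (as root):
#   forward_state /etc/sysctl.conf /proc/sys/net/ipv4/ip_forward
#   iptables-save -t nat | has_masquerade ppp0 && echo "MASQUERADE rule present"
```

A result of runtime-only straight after a manual restart, followed by disabled after a reboot, matches the situation in this thread: the rule and the /proc write were fine, but the persistent setting was still 0.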