LinuxQuestions.org
Old 02-21-2011, 04:54 AM   #1
slugman92
LQ Newbie
 
Registered: Feb 2011
Posts: 3

Rep: Reputation: 0
LINUX NAT firewall configuration using IPTables


I have got 3 PCs behind a Linux server NAT firewall, on a 192.168.1.0/24 subnet:


PC1 = 192.168.1.10
PC2 = 192.168.1.11
PC3 = 192.168.1.12

All PCs need to send mail by SMTP direct to my ISP mail server.

I need to RDP to PC 3 only from the Internet.

I don't want any other access from outside.

And typical access inside the network between the PCs.

Can someone please help me with the commands I would use to do this? I've been looking at it for a while now and I haven't got anywhere.

Thanks in advance.
 
Old 02-21-2011, 05:45 AM   #2
dracuss
Member
 
Registered: May 2006
Location: Chisinau, Moldova
Distribution: Gentoo, Debian sid
Posts: 151

Rep: Reputation: 29
You could use port forwarding for that. Google for examples, there are plenty.
 
Old 02-21-2011, 11:03 AM   #3
Oliv'
Senior Member
 
Registered: Jan 2004
Location: Montpellier (France)
Distribution: Gentoo
Posts: 1,014

Rep: Reputation: 36
Hello,

A tutorial that I really love: http://www.gentoo.org/doc/en/home-router-howto.xml
Be aware that it is Gentoo-specific, but a lot of things, like iptables rules, are common to all Linux distributions.

Hope it helps,

Oliv'
 
Old 02-21-2011, 07:45 PM   #4
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
FWIW, it would go something like this:
Code:
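# LAN_IFACE, WAN_IFACE and SMTP_SERVER must be set before running these.

# Drop forwarded traffic unless a rule below accepts it.
iptables -P FORWARD DROP

# Allow packets that belong to, or are related to, an accepted connection.
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

# Let the three PCs open SMTP connections to the ISP mail server.
iptables -A FORWARD -p TCP -i $LAN_IFACE -o $WAN_IFACE \
-m iprange --src-range 192.168.1.10-192.168.1.12 \
-d $SMTP_SERVER --dport 25 -m state --state NEW -j ACCEPT

# Accept new RDP connections coming in from the WAN side for PC3.
iptables -A FORWARD -p TCP -i $WAN_IFACE -o $LAN_IFACE \
-d 192.168.1.12 --dport 3389 -m state --state NEW -j ACCEPT

# Rewrite the destination of RDP arriving on the WAN interface to PC3.
iptables -t nat -A PREROUTING -p TCP -i $WAN_IFACE --dport 3389 \
-j DNAT --to-destination 192.168.1.12

# Source-NAT everything that leaves through the WAN interface.
iptables -t nat -A POSTROUTING -o $WAN_IFACE -j MASQUERADE

# Enable IPv4 forwarding in the kernel.
echo 1 > /proc/sys/net/ipv4/ip_forward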

Last edited by win32sux; 02-21-2011 at 08:00 PM.
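
An added example, not part of win32sux's post: a shell function that audits `iptables-save` output against the requirement stated in the thread, namely that the only new connection allowed in from the WAN side is RDP (TCP 3389) to 192.168.1.12. The interface names eth0/eth1, the SMTP server address 203.0.113.25 and both dumps are constructed for the example.

```shell
# Constructed iptables-save dump of the ruleset above. eth0 (WAN), eth1 (LAN)
# and 203.0.113.25 (ISP SMTP server) are placeholder values for this example.
GOOD_DUMP='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -d 203.0.113.25/32 -i eth1 -o eth0 -p tcp -m iprange --src-range 192.168.1.10-192.168.1.12 -m tcp --dport 25 -m state --state NEW -j ACCEPT
-A FORWARD -d 192.168.1.12/32 -i eth0 -o eth1 -p tcp -m tcp --dport 3389 -m state --state NEW -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.1.12
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'
# Constructed bad variant: FORWARD policy ACCEPT and a second port forward.
BAD_DUMP=$(printf '%s\n' "$GOOD_DUMP" | sed 's/^:FORWARD DROP/:FORWARD ACCEPT/
  s/--dport 3389 -j DNAT --to-destination 192.168.1.12/--dport 22 -j DNAT --to-destination 192.168.1.10/')

audit_ruleset() {   # usage: audit_ruleset WAN_IFACE < iptables-save output
  awk -v wan="$1" -v host="192.168.1.12" -v port="3389" '
    function opt(name,   i) {            # value following an option, or ""
      for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
      return ""
    }
    function fail(msg) { print "FAIL " msg; fails++ }
    /^\*/ { table = substr($0, 2) }
    table == "filter" && $1 == ":FORWARD" { policy = $2 }
    table == "filter" && $2 == "FORWARD" && opt("-j") == "ACCEPT" {
      state = opt("--state") opt("--ctstate")
      iface = index($0, "! -i ") ? "" : opt("-i")   # negated match: treat as any
      if (state != "" && state !~ /NEW/) next       # replies only
      if (iface != "" && iface != wan) next         # traffic entering from the LAN
      if (opt("-d") != (host "/32") || opt("--dport") != port)
        fail("inbound accept: " $0)
    }
    table == "nat" && $2 == "PREROUTING" && opt("-j") == "DNAT" {
      to = opt("--to-destination")
      if (opt("--dport") != port || (to != host && to != (host ":" port)))
        fail("port forward: " $0)
    }
    END {
      if (policy != "DROP") fail("FORWARD policy is " policy)
      if (!fails) print "OK"
      exit (fails > 0)
    }'
}
printf '%s\n' "$GOOD_DUMP" | audit_ruleset eth0           # prints OK
printf '%s\n' "$BAD_DUMP"  | audit_ruleset eth0 || true   # prints two FAIL lines
```

On a live firewall the same function can be fed with `iptables-save | audit_ruleset "$WAN_IFACE"`; it checks only the FORWARD chain and the nat PREROUTING chain, so the firewall host's own INPUT chain needs a separate review.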
 
  

