Hi everyone


Am using rhel5, i confused and want to clarify one thing am planning to implement iptables and natting. First thing what i want to know is Nat,DNS DHCP,HTTP,NFS,ftp and iptables should be in the same Box, or natting and iptables should be in separate boxes.I have a public IP for natting. i know i require two lan cards one for public and one for private,after assigning IP addresses to each what to do for natting, do i need to install any rpms plz guide me how to do?

Thanks in Advance
jnreddy

you can check if the rpm is installed with the command.

rpm -q iptables

if it list the iptables rpm then its already installed.

for other things try googling.

thanks
shahz

thanq shahz
iptables rpm is installed, do i need to install any rpm for NATTing?
is iptables rpm is enough for Natting.

Thanks In Adavnce
jnreddy

Hi,


if i remember right...

the minimum you need to do is:


enable ip forwarding on your linux server(you gateway for the other users)


sysctl -w net.ipv4.ip_forward=1"

if you would like to make this changes permanent edit

vi /etc/sysctl.conf

and change the zero to 1

# Controls IP packet forwarding
net.ipv4.ip_forward = 0



and create a NAT rule via iptables....



here is what i did.... but you should read about iptables to understand what you are doing... i guess your host is exposed to the internet... so the "flush" part would delete all your rules... take care...



[root@m~]# iptables --flush
[root@m~]# iptables --table nat --flush
[root@m~]# iptables --table nat --delete-chain
[root@m~]# iptables --table nat --append POSTROUTING
--out-interface eth0 -j MASQUERADE
[root@m~]# iptables --append FORWARD --in-interface eth1 -j ACCEPT



eth0 is the external interface 1.2.3.4

eth1 is the internal interface 10.10.x.x (to masquerade)


good luck

Thanks Yanic Fer
Tomorrow i implement the same what you said and get back to you

Thanks In Advance
jnreddy