Hi All
I have been using a single Public IP address and NATS on my FC Firewall system for many years without a problem. I redirect the appropriate ports to the required servers without problem. Our ISP has recently informed us that we now have 10 available Public IP addresses and I would like to know how I forward public IP addresses through the firewall server.
IP addresses shown are not my actual addresses but for example only.
Our setup is: SHDSL bridge modem to the FC8 Firewall. IP address on Eth1 is 62.249.178.153 and Eth0 is 10.70.70.1
Here is my very basic code that I fall back on after server OS Update. It offers no protection but forwards to the LAN. How would I change the script to incorporate Public addresses 62.249.178.154 & 62.249.178.155?
Do I need to add hardware? Extra Ethernet cards?
Code:
# Policies (default)
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
# FORWARD chain rules
# Accept the packets to forward
iptables -A FORWARD -i eth0 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# OUTPUT chain rules
# Only packets with a local address (no spoofing)
iptables -A OUTPUT -p ALL -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -p ALL -s 10.70.70.0/8 -j ACCEPT
iptables -A OUTPUT -p ALL -s 62.249.178.153 -j ACCEPT
# NATS for Internal network
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source 62.249.178.153
Thanks in advance
Dave
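
An added example, not part of the original post: one common way to handle extra public addresses is to bind them as secondary addresses on the existing eth1 and forward selected ports with DNAT, which needs no additional Ethernet card. It assumes the ISP delivers the new addresses on the same subnet as 62.249.178.153; the /28 prefix, the internal servers 10.70.70.10 and 10.70.70.20, the forwarded ports and the function names are all hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed values: /28 public prefix,
# internal servers 10.70.70.10 and 10.70.70.20, forwarded ports 80 and 25.
WAN=eth1
LAN=eth0
PREFIX=28

# Print each command by default; run as root with APPLY=1 to execute.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# add_public PUBLIC_IP: secondary address on the existing WAN interface,
# so the firewall answers ARP for it. No extra Ethernet card is involved.
add_public() {
    run ip addr add "$1/$PREFIX" dev "$WAN"
}

# map_port PUBLIC_IP PROTO PORT INTERNAL_IP: forward one port to one LAN host.
map_port() {
    pub=$1 proto=$2 port=$3 int=$4
    case $proto in tcp|udp) ;; *) echo "bad protocol: $proto" >&2; return 1 ;; esac
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    case $int in 10.*) ;; *) echo "not a LAN address: $int" >&2; return 1 ;; esac
    # Rewrite the destination before routing.
    run iptables -t nat -A PREROUTING -i "$WAN" -d "$pub" -p "$proto" \
        --dport "$port" -j DNAT --to-destination "$int:$port"
    # Allow only this new inbound flow; replies match the ESTABLISHED rule.
    run iptables -A FORWARD -i "$WAN" -o "$LAN" -d "$int" -p "$proto" \
        --dport "$port" -m state --state NEW -j ACCEPT
}

# source_as INTERNAL_IP PUBLIC_IP: inserted ahead of the general SNAT rule so
# the server's own outbound traffic leaves from its public address.
source_as() {
    run iptables -t nat -I POSTROUTING 1 -o "$WAN" -s "$1" -j SNAT --to-source "$2"
}

configure() {
    # These ACCEPT rules only restrict anything if FORWARD defaults to DROP.
    run iptables -P FORWARD DROP
    add_public 62.249.178.154 && map_port 62.249.178.154 tcp 80 10.70.70.10 &&
        source_as 10.70.70.10 62.249.178.154
    add_public 62.249.178.155 && map_port 62.249.178.155 tcp 25 10.70.70.20 &&
        source_as 10.70.70.20 62.249.178.155
}

configure
```

Run as written, it only prints the commands for review; the rules are meant to follow the script in the post, whose eth0 and ESTABLISHED,RELATED FORWARD rules keep LAN traffic flowing once the FORWARD policy is DROP.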