allow internet access from LAN using IPTABLES
hi
My network:

The internet & IPsec gateway has 2 interfaces:
eth0 -> external interface (internet)
eth1 -> internal interface (LAN)

LAN:
LOCAL_LAN="192.168.115.0/24"

Remote networks:
REMOTE_LAN1="192.168.0.0/24"
REMOTE_LAN2="192.168.1.0/24"
REMOTE_LAN3="192.168.2.0/24"

IPsec works without problems and I can reach the remote networks from any LAN machine, but I cannot access the Internet from the LAN machines. What's wrong?

I'm using this firewall script:
Code:
#!/bin/sh

Code:
# iptables -V

Code:
# uname -a
|
Add

iptables -t nat -A POSTROUTING -s $LOCAL_LAN -o $EXT_IF -j SNAT --to <your external IP>

if you have a static external IP, or

iptables -t nat -A POSTROUTING -s $LOCAL_LAN -o $EXT_IF -j MASQUERADE

if it's dynamic.
|
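The two variants from the reply above, as an added example that is not part of the original thread: a dry-run generator that prints the NAT rules for this gateway instead of applying them. It goes beyond the reply by exempting the three remote IPsec networks from NAT first, on the assumption that the tunnels are defined on the 192.168.115.0/24 source address; the function name and the 192.0.2.1 address in the usage comment are constructed for illustration.

```sh
#!/bin/sh
# Added example: prints (does not apply) the POSTROUTING rules discussed above.
# Interface and networks are the values given in the question.
EXT_IF="eth0"
LOCAL_LAN="192.168.115.0/24"
REMOTE_LANS="192.168.0.0/24 192.168.1.0/24 192.168.2.0/24"

# gen_nat_rules [EXT_IP]   (hypothetical helper name)
#   with EXT_IP    -> SNAT to that static address
#   without EXT_IP -> MASQUERADE (dynamic external address)
gen_nat_rules() {
    ext_ip="${1:-}"

    # Refuse anything that is not digits and dots before it reaches a
    # generated command line.
    case "$ext_ip" in
        *[!0-9.]*) echo "invalid external IP: $ext_ip" >&2; return 1 ;;
    esac

    # Assumption: the IPsec tunnels match on the LAN source address, so
    # traffic to the remote networks must leave un-NATed. ACCEPT in the
    # nat table ends chain traversal before the SNAT/MASQUERADE rule.
    for net in $REMOTE_LANS; do
        echo "iptables -t nat -A POSTROUTING -s $LOCAL_LAN -d $net -o $EXT_IF -j ACCEPT"
    done

    if [ -n "$ext_ip" ]; then
        echo "iptables -t nat -A POSTROUTING -s $LOCAL_LAN -o $EXT_IF -j SNAT --to-source $ext_ip"
    else
        echo "iptables -t nat -A POSTROUTING -s $LOCAL_LAN -o $EXT_IF -j MASQUERADE"
    fi
}

# Dry run for the dynamic-address case. For a static address, pass it as
# the argument, e.g. gen_nat_rules 192.0.2.1 (constructed address).
gen_nat_rules
```

Review the printed rules, then pipe the output to `sh` as root to apply them.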
Thanks, it works now.
But I have a very strange problem with this script. If I run it, my DNS server running on the same machine doesn't work anymore and the server hangs completely. I cannot shut down the machine, because the name server could not be stopped! Does anyone know what's wrong and how to solve this problem?
|