Building Firewall/Router in Slackware
Hi, I am attempting to build a Linux firewall/router. I have managed to install Slackware and get everyone's machines talking to each other, no problems there. I have got NAT working by using the following command in iptables.
Code:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Thanks
Chain INPUT controls packets coming to the router only.
Chain OUTPUT controls packets coming out from the router only.
Chain FORWARD controls packets moving between networks that your router connects.
FORWARD controls incoming packets to a device (like eth0). If eth0 is your local LAN, then
iptables -A FORWARD -p tcp -o eth0 -j ACCEPT
will accept tcp packets incoming to the subnet. If eth1 is the public WAN,
iptables -A FORWARD -p tcp -o eth1 -j ACCEPT
will accept tcp packets incoming to the internet (or, less formally, outgoing from the subnet).
Standard policies if you want to drop all traffic at start are:
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
but be careful not to block yourself if you manage the router remotely. Then if you want to make a hole:
iptables -A FORWARD -p tcp -o eth1 --dport 80 -j ACCEPT
will allow users from the LAN to connect to websites (port 80).
I'm sure you'll figure it out, there's plenty of tutorials.
PS. Packet forwarding needs to be turned on. This should do the job:
echo 1 > /proc/sys/net/ipv4/ip_forward
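A stateful version of the default-drop policies and port-80 hole described in the reply above, added here as an example and not posted by either participant. The interface roles are parameters; the LAN subnet, the SSH management rule and the DNS rule are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Prints an iptables-restore ruleset for a
# two-interface NAT router; nothing is applied until the output is piped to
# iptables-restore. Interface names, subnet and the SSH/DNS rules are assumptions.

build_ruleset() {
    [ $# -eq 3 ] || { echo "usage: build_ruleset LAN_IF WAN_IF LAN_CIDR" >&2; return 1; }
    lan_if=$1; wan_if=$2; lan_net=$3
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# The MASQUERADE rule from the question, bound to the WAN interface.
-A POSTROUTING -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Router itself: loopback, replies to existing connections, and SSH from the
# LAN only (assumed management path; adjust before applying over a remote session).
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan_if -s $lan_net -p tcp --dport 22 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Routed traffic: return packets first, then the port-80 hole from the reply,
# restricted to LAN -> WAN. DNS to outside resolvers is an assumed extra.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -p tcp --dport 80 -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -p udp --dport 53 -j ACCEPT
COMMIT
EOF
}

# Check the syntax without committing, then load it and enable forwarding:
#   build_ruleset eth1 eth0 192.168.1.0/24 | iptables-restore --test
#   build_ruleset eth1 eth0 192.168.1.0/24 | iptables-restore
#   echo 1 > /proc/sys/net/ipv4/ip_forward
```

Because the ESTABLISHED,RELATED rule handles return packets, no blanket ACCEPT toward the LAN interface is needed for replies to reach the clients.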