LinuxQuestions.org
Old 01-28-2003, 09:48 PM   #1
Johnsernickle
IP Masquerading 2 internal networks


I am trying to connect my two internal networks to the internet. I have Red Hat 8.0 set up with 2 network cards and a modem. My first network, 192.168.0.x, is home for my two Windows computers, and I currently have IP MASQ working for them. And my second network that I'm just starting is 192.168.1.x and it is home to my FreeBSD computer (I'm trying to experiment, by the way, if anyone knows where I could learn some about FreeBSD...). Well, I want my Red Hat 8.0 box to allow traffic to flow freely between eth0 192.168.0.x and eth1 192.168.1.x and for them both to be able to use the modem, with the firewall rules I have made. Here is my script I'm using right now to masq my Windows network:

#!/bin/sh


echo -e "\n\n Loading firewall...\n"


#----------------------------------------#
# Kernel Modules #
#----------------------------------------#

IPTABLES=/sbin/iptables
DEPMOD=/sbin/depmod
INSMOD=/sbin/insmod


#----------------------------------------#
# Setting EXTERNAL and INTERNAL #
# interfaces for the network #
#----------------------------------------#


EXTIF="ppp0"
INTIF="eth0"

echo " External Interface: $EXTIF"
echo " Internal Interface: $INTIF"


#----------------------------------------#
# Checking Kernel Modules #
#----------------------------------------#

echo -en " loading kernel modules: "

echo -en "verifying all kernel modules, "
$DEPMOD -a


#----------------------------------------#
# Re-Loading Defaults #
#----------------------------------------#

echo -en "ip_tables, "
$INSMOD ip_tables

echo -en "ip_conntrack, "
$INSMOD ip_conntrack

echo -en "iptable_nat, "
$INSMOD iptable_nat


#---------------------------------------#
# FTP tracking mechanism #
#---------------------------------------#

echo -en "ip_conntrack_ftp, "
$INSMOD ip_conntrack_ftp


#---------------------------------------#
# IRC tracking mechanism #
#---------------------------------------#

echo -en "ip_conntrack_irc, "
$INSMOD ip_conntrack_irc


#---------------------------------------#
# NAT for Non-Passive FTP #
#---------------------------------------#

echo -en "ip_nat_ftp, "
$INSMOD ip_nat_ftp


#---------------------------------------#
# NAT for IRC DCC #
#---------------------------------------#

echo -e "ip_nat_irc"
$INSMOD ip_nat_irc

echo ". Done loading modules."

#----------------------------------------#
# CRITICAL: Enable IP forwarding #
# #
# /etc/sysconfig/network #
# #
# FORWARD_IPV4=false #
# to #
# FORWARD_IPV4=true #
# #
#----------------------------------------#

echo " enabling forwarding.."
echo "1" > /proc/sys/net/ipv4/ip_forward


#----------------------------------------#
# Dynamic IP Address Support #
#----------------------------------------#

echo " enabling DynamicAddr.."
echo "1" > /proc/sys/net/ipv4/ip_dynaddr


#----------------------------------------#
# Flushing Old Tables #
#----------------------------------------#

echo " clearing any existing rules and setting default policy.."
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
# iptables only accepts ACCEPT or DROP as a built-in chain policy (REJECT is a target, not a policy)
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F


#----------------------------------------#
# Initializing Forwarding #
#----------------------------------------#

echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG

echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

echo -e "\n Firewall done.\n"




I adopted it from a website I found. Maybe someone could help me understand it a little more? Well, thanks in advance,

~Peter
 
Old 01-28-2003, 10:33 PM   #2
subzero80
I would just tell you to download www.shorewall.com.. Good firewall and it's easy to set up. It does everything..
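
The two-network setup asked about in post #1, as an added example that is not part of either post: the FORWARD and NAT section of the posted script generalised from one internal interface to several. The function name masq_rules is hypothetical; ppp0, eth0 and eth1 are the interfaces named in the post, and module loading and ip_forward are assumed to be done as in the original script.

```shell
#!/bin/sh
# Added example (not the poster's script). Emits the iptables commands for one
# external interface and any number of internal interfaces, so the rule set
# can be reviewed as text before it is loaded.
IPTABLES=${IPTABLES:-/sbin/iptables}

# masq_rules EXTIF INTIF...  -> prints one iptables command per line
masq_rules() {
    ext=$1; shift
    echo "$IPTABLES -P FORWARD DROP"
    echo "$IPTABLES -F FORWARD"
    echo "$IPTABLES -t nat -F"
    for int in "$@"; do
        # Inbound from the modem: only replies to connections opened inside
        echo "$IPTABLES -A FORWARD -i $ext -o $int -m state --state ESTABLISHED,RELATED -j ACCEPT"
        # Outbound from this internal network to the Internet
        echo "$IPTABLES -A FORWARD -i $int -o $ext -j ACCEPT"
        # Internal network to every other internal network (routed, not NATed)
        for peer in "$@"; do
            if [ "$int" = "$peer" ]; then continue; fi
            echo "$IPTABLES -A FORWARD -i $int -o $peer -j ACCEPT"
        done
    done
    # Anything not matched above is logged, then dropped by the chain policy
    echo "$IPTABLES -A FORWARD -j LOG"
    # Masquerade only traffic leaving through the external interface
    echo "$IPTABLES -t nat -A POSTROUTING -o $ext -j MASQUERADE"
}

# Default: print the rules. "apply" (as root) pipes them to a shell instead.
case "${1:-show}" in
    apply) masq_rules ppp0 eth0 eth1 | sh -e ;;
    *)     masq_rules ppp0 eth0 eth1 ;;
esac
```

Because the MASQUERADE rule matches only `-o ppp0`, traffic between 192.168.0.x and 192.168.1.x keeps its real source addresses, and the only rule that admits packets arriving on ppp0 is the ESTABLISHED,RELATED one.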
 
  

