LinuxQuestions.org


dude_228 06-12-2003 09:42 PM

Iptables - Port Forwarding - Rh 9.0
 
Hi,
I am running Red Hat 9.0.

I've managed to enable routing and port forwarding.
I type the forward command in my console,
but every time I restart it goes away.
Any ways to fix that,
so the ports will auto port on boot?
Thank you.

P.S. I cannot connect to passive FTPs.
What should I do?

cmgrif 06-13-2003 12:27 AM

I don't know if this is the best or easiest, but it works for me. Create a file in /etc/rc.d/init.d called rc.forward.sh using "cat > rc.redirect.sh" <push enter>, type the redirect command you are using, and push Ctrl-D to create the file. Make it executable with "chmod 744 rc.redirect.sh".

Narf! 06-14-2003 07:40 PM

Hi
I'm trying to do NAT on RH9 but i can't make it work...
i used...

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A INPUT -i eth0 -m state --state NEW,INVALID -j DROP
iptables -A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP
echo 1 > /proc/sys/net/ipv4/ip_forward

could you tell me what to do?
thx!
:)

Robert0380 06-15-2003 06:22 AM

dude:
you could put the rules in rc.firewall, and call rc.firewall from
rc.local (located in /etc/), rc.local gets called last during the boot process

Narf:
try it with the last 2 rules turned off, the NEW,INVALID ones. See if you can
NAT first before trying to drop stuff.

Narf! 06-15-2003 09:00 PM

I solved it!!!!!
It might be useful for someone... so I'll explain how I did it...

RH9 has default iptables rules, so iptables -F will flush those and let you use your own.

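# Rules for doing NAT with iptables

# Enable IPv4 forwarding between interfaces
echo 1 > /proc/sys/net/ipv4/ip_forward
# FTP helpers for the 2.4 kernel (ip_masq_ftp is the 2.2/ipchains module name)
modprobe ip_conntrack_ftp > /dev/null 2> /dev/null
modprobe ip_nat_ftp > /dev/null 2> /dev/null

# Flush the default filter-table rules, then masquerade traffic leaving eth0
iptables -F
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Drop new or invalid connections arriving on the external interface
iptables -A INPUT -i eth0 -m state --state NEW,INVALID -j DROP
iptables -A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP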

Just copy/paste it into /etc/rc.local and you'll get it permanent.

Thanks for your help guys!!!! ;)

RSX311 06-16-2003 02:32 AM

Narf,

I'm a total noob to Linux, what is that --state NEW,INVALID parameter?

RSX311 06-16-2003 02:42 AM

or could someone explain each parameter? and what do I do after I type that in?

Do I just connect my broadband to eth0 and connect my hub to eth1 and set an IP on my other computer?

Narf! 06-16-2003 03:20 AM

RSX

It seems I'm as noob as you, I really don't have any idea what those lines mean, but I took them from an "iptables How-to".
I think maybe they block computers from the void (internet) to do NAT to your computer.
Is that ok everyone?

about: "Do I just connect my broadband to eth0 and connect my hub to eth1 and set an IP on my other computer?"
yep, i did that and it worked perfect.
Actually I have static IPs on my other computers, but maybe it should work with DHCP, I don't know if iptables does that.

:P
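
An added example, not written by any poster in this thread: a small model of how the two `--state NEW,INVALID` rules posted above treat a packet, which is what RSX311 asks about. The `verdict` function and the ACCEPT chain policy are assumptions for illustration; the script only evaluates the rule text and never calls iptables.

```shell
#!/bin/sh
# Constructed model: the two filter rules from the thread, as rule text.
RULES='-A INPUT -i eth0 -m state --state NEW,INVALID -j DROP
-A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP'

# verdict CHAIN IN_IFACE CONNTRACK_STATE
# Prints the target of the first matching rule, else ACCEPT (assumed policy;
# "iptables -F" removes rules but leaves chain policies unchanged).
verdict() {
    local chain iface state line r_chain r_if r_states r_target
    chain=$1 iface=$2 state=$3
    while read -r line; do
        r_chain= r_if= r_states= r_target=
        set -- $line                      # split the rule into words
        while [ $# -gt 0 ]; do
            case $1 in
                -A)      r_chain=$2;  shift ;;
                -i)      r_if=$2;     shift ;;
                --state) r_states=$2; shift ;;
                -j)      r_target=$2; shift ;;
                -m)      shift ;;         # match-module name, not needed here
            esac
            shift
        done
        [ "$r_chain" = "$chain" ] || continue
        # "-i eth0" limits the rule to packets arriving on that interface
        [ -z "$r_if" ] || [ "$r_if" = "$iface" ] || continue
        # "--state A,B" matches when the connection state is any listed one
        if [ -n "$r_states" ]; then
            case ",$r_states," in
                *",$state,"*) ;;
                *) continue ;;
            esac
        fi
        echo "$r_target"
        return 0
    done <<EOF
$RULES
EOF
    echo ACCEPT
}

verdict FORWARD eth0 NEW          # unsolicited connection from outside
verdict FORWARD eth0 ESTABLISHED  # reply to a connection a LAN host opened
verdict FORWARD eth0 RELATED      # e.g. FTP data channel seen by the helper
verdict FORWARD eth1 NEW          # LAN host opening a connection outward
```

The rules stop hosts on the eth0 side from opening connections to or through the gateway, while replies and helper-tracked connections still pass because their state is ESTABLISHED or RELATED.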


All times are GMT -5.