nat question
I use RedHat9 as a small office server. I use squid as a proxy, but squid is only an HTTP proxy. I need NAT in order to use MSN Messenger (audio conversation). I have set it up like this:

sysctl -w net.ipv4.ip_forward=1
iptables -A FORWARD -i eth1 -j ACCEPT
iptables -A FORWARD -o eth1 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

It works, but I have two problems:
1. The whole network can access the internet without any limits.
2. When I type the command "iptables -L" I can't see the line "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" and I don't know how to delete this line.

My questions are:
1. What command do I need to allow internet access (through NAT) only to one computer?
2. How can I list the nat table and how can I delete the nat records?

iptables -t nat -A POSTROUTING -s 192.168.0.2 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j DENY

assuming you want to allow only computer 192.168.0.2 to be nat'ed.

the command to see the nat table is: iptables -t nat -L
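
Added example, not part of the thread: a dry-run script covering both questions, restricting forwarding to one host in the FORWARD chain (iptables has no DENY target, and the nat table is not meant for filtering) and listing or deleting nat rules by number. It assumes eth1 is the LAN side and eth0 the Internet side, as in the question, and takes 192.168.0.2 from the reply; the function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed roles, as in the question:
# eth1 = LAN side, eth0 = Internet side; 192.168.0.2 = the one allowed host.
DRY_RUN=${DRY_RUN:-1}   # 1 = only print the commands, 0 = execute them (needs root)

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Accept only a dotted quad whose four octets are each 0-255.
valid_ipv4() {
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Usage: limit_nat_to_host <lan_if> <wan_if> <allowed_ip>
limit_nat_to_host() {
    lan_if=$1; wan_if=$2; host=$3
    valid_ipv4 "$host" || { echo "bad address: $host" >&2; return 1; }

    # Filtering is done in the filter table: forward nothing by default.
    # The flush also removes the two accept-all FORWARD rules from the question.
    run iptables -P FORWARD DROP
    run iptables -F FORWARD
    # Outbound traffic from the allowed host, and only replies coming back to it.
    run iptables -A FORWARD -i "$lan_if" -o "$wan_if" -s "$host" -j ACCEPT
    run iptables -A FORWARD -i "$wan_if" -o "$lan_if" -d "$host" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT

    # The nat table only rewrites addresses: masquerade that one host.
    run iptables -t nat -F POSTROUTING
    run iptables -t nat -A POSTROUTING -s "$host" -o "$wan_if" -j MASQUERADE
}

# "iptables -L" shows only the filter table; nat rules need "-t nat".
show_nat() {
    run iptables -t nat -L -n -v --line-numbers
}

# Delete one POSTROUTING rule by the number shown by show_nat.
delete_nat_rule() {
    run iptables -t nat -D POSTROUTING "$1"
}

limit_nat_to_host eth1 eth0 192.168.0.2
show_nat
```

With DRY_RUN left at 1 the script only prints the commands; squid is unaffected by these rules because proxied traffic goes through INPUT and OUTPUT, not FORWARD.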