Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 01-23-2003, 07:55 AM   #1
LQ Newbie
Registered: Nov 2001
Posts: 2

Rep: Reputation: 0


I am using a private IP range on my LAN. I want that all the users when they connect to internet go through one public IP through the proxy server that I have.

What changes and in which file I have to make for this to happen.

Old 01-23-2003, 10:25 AM   #2
Registered: Jun 2002
Posts: 411

Rep: Reputation: 30
No one else is answering your question so i'll give it a shot. first, we need to know what kind of proxy you are using (Squid?). If you are using squid, you might want to consider an integrated firewall solution that is build to use it like shore wall.

regarding your natting, you haven't provided a lot of information so I am going to make some assumptions.

I assume that you have a redhat linux box and that you have IP chains disabled and have iptables installed. check this by typing at a terminal
whereis iptables

I assume you have not installed a firewall. the linux box has two network cards. one network card is dedicated to your internet connection (eth0) with a public IP address of

1. check this by opening a terminal as root and typing ifconfig -a

You have another NIC dedicated to your local network (eth1).

2. The address assigned to eth1 is and netmask of Check this by typing ifconfig eth1 netmask and typing /sbin/route add default gw (ip address of eth0).

3. You can check your work above by typing by using your favorite editor (in this case vi) and typing
vi /etc/sysconfig/devices/ifcfg-eth0

4. do the same for ifcfg-eth1.

5. All your client boxes have IP addresses like,, etc. Your private network is and gateway is check this by opening a terminal as root and typing
vi /etc/sysconfig/network

6. type:
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

7. type:
/sbin/iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE

8. type:
echo 1 > /proc/sys/net/ipv4/ip_forward

9. you should now configure all your clients to use as their gateway (for linux boxes use Step #2 as an example to follow).

10. if you have a problem, check your ip tables rules by typing:
/sbin/iptables -L -t filter -t nat

you should see something like:
/sbin/iptables -L -t filter -t nat
target prot opt source destination

target prot opt source destination

if you had a prior set of rules you will have to delete them by typing something like
/sbin/iptables --flush
/sbin/iptables --table nat --flush
/sbin/iptables --delete-chain
/sbin/iptables --table nat --delete-chain

11. as fast as you can, get a real firewall in place. see

12. if you have to post back with errors, give us the output of
route -n > iptableroute.txt (provide a copy of a text file of that name from your root directory)

Last edited by rioguia; 01-23-2003 at 04:10 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
natting issue mozilla Linux - Security 1 11-30-2005 11:08 AM
natting twice zsoltrenyi Linux - Networking 9 01-26-2005 04:39 AM
natting in Linux suvajit Linux - General 2 05-15-2003 02:19 PM
Natting / Routing suvajit Linux - Networking 2 05-15-2003 10:23 AM
Natting suvajit Linux - Software 1 05-15-2003 05:50 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:29 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration