Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
09-19-2003, 08:50 PM
|
#1
|
Member
Registered: Feb 2003
Location: Malaysia
Distribution: Redhat 8.0, 9, Slackware 9.1
Posts: 511
Rep:
|
RH9 as a router....
hi,
if i want to setup my RH9 as a router, then, where should i looking for? routing table?? $ route -n ??? or
iptables?? $ iptable -t nat ???
thanks..
|
|
|
09-19-2003, 08:55 PM
|
#2
|
LQ Guru
Registered: Apr 2002
Location: Atlanta
Distribution: Gentoo
Posts: 1,280
Rep:
|
to setup a router you dont need iptables, you can play with the routing table and turn on ipforwarding and add the iptables nat rule if your router will double as an internet gateway.
rather than type it all out again, i'll suggest doing a search on the forums for this very topic. you'll find a few good examples.
because you seem to want to use it as an internet gateway, make sure you pick something that does involve iptalbes because you'll want the security features too.
|
|
|
09-19-2003, 10:24 PM
|
#3
|
Member
Registered: Feb 2003
Location: Malaysia
Distribution: Redhat 8.0, 9, Slackware 9.1
Posts: 511
Original Poster
Rep:
|
i am still blur.... can u pls explain in a more simple way?
anyway, i have been trying to setup a routing rules in my routing table... but, then, after i restart my networking services... the rules is changed... why? i am wondering.....
i did some studying on iptables too... there is a way for routing to a destination....in the PREROUTING chain.
ar..... i am too confused.... how??? what is the tool??? routing table or iptables -t nat ???
pls, give me more explaination.... what is the differences between routing table and iptables -t nat???
how can i make use to both of them??? thanks.... it is really urgent.... bye.....
|
|
|
09-20-2003, 12:23 PM
|
#4
|
Member
Registered: Sep 2003
Location: Philadelphia ,Pa
Distribution: Fedora Core 1 BABY !!! YEA
Posts: 67
Rep:
|
i have a gateway system that is a redhat 8.0 box but all the same rules apply to you to
basicly the command follws as is
iptables -t nat -A POSTROUTING -o eth0( in my case) -j MASQUERADE
the -o flag is for interface out meaning the object that you connect to the internet with wether it be
ppp0
eth0
what ever
the you enter this command
echo 1 > /proc/sys/net/ipv4/ip_forward
that right there enables ip forwadding , now the only bad part of this is , you know have this gateway/router with a weak firewall installed so you might wanna beef up security by inserting some chains into iptables
me i have
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
thats a simple way to allow you to ping another computer but anytime someone pings you , it drops them like a bad habbit.
And another good program out there for your firewall , gateway would be portsentry. So simple to install , what it does when someone does a portscan/nmap it gives them bogus info and drops them from the routing tables in ipchains . So even if they wanted to they couldnt connect to you , but beware because your deny list gets kinda of big specially if you have broadband.
|
|
|
09-20-2003, 02:38 PM
|
#5
|
Member
Registered: Jan 2003
Location: 127.0.0.1
Distribution: Fedora&Gentoo
Posts: 207
Rep:
|
|
|
|
All times are GMT -5. The time now is 02:42 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|