Old 08-28-2009, 04:21 PM   #1
LQ Newbie
Registered: Aug 2009
Posts: 1

Rep: Reputation: 0
Iptables command for allowing traffic across two subnets

Understanding that for any competent Linux user this is likely an easy question.

Need to add a firewall rule to allow all traffic between two subnets:

Src=, Dst= srcport=ANY, dstport=ANY ALLOW
Src=, Dst= srcport=ANY, dstport=ANY ALLOW

I am wondering if someone would be so kind as to provide the exact command line syntax to make the above happen.

Thanks in advance.


NOTE: is on eth0 and is on eth2

Last edited by tazschic; 08-28-2009 at 04:25 PM. Reason: more information
Old 08-29-2009, 02:52 AM   #2
Senior Member
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: KirraMail Live Email Server
Posts: 1,285

Rep: Reputation: 61
First of all, can you give us more information on what you are trying to do? A quick scenario will help us understand what you are trying to achieve.

What distro are you using? Are there any rules or scripts that you are currently using? Without knowing this, you can run into all sorts of problems trying to troubleshoot; the more information you can give, the better we can help.

To help with your question: when you have 2 network cards you need to turn port-forwarding on in the kernel. Most distros will have this turned off by default. Try:
echo "1" > /proc/sys/net/ipv4/ip_forward
Then you need to add some forwarding rules

iptables -A FORWARD -i eth0 -o eth2 -s -d -j ACCEPT
iptables -A FORWARD -i eth2 -o eth0 -s -d -j ACCEPT
Old 08-30-2009, 08:54 PM   #3
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,406

Rep: Reputation: 2396
You'll need to make that a permanent setting or it'll disappear at next boot.
Edit /etc/sysctl.conf

net.ipv4.ip_forward = 1
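
The steps from posts #2 and #3 combined into one script, as an added example that is not part of any post in this thread: it validates the two subnets, prints one FORWARD rule per direction for review, and reports whether forwarding is on now and set in /etc/sysctl.conf. The subnets are constructed documentation ranges (the thread does not show the real ones), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. NET_A/NET_B are constructed documentation
# ranges standing in for the two subnets, which the posts do not show.
NET_A=192.0.2.0/24    IF_A=eth0
NET_B=198.51.100.0/24 IF_B=eth2

# Succeed only for a well-formed IPv4 CIDR: four octets <= 255, prefix <= 32.
valid_cidr() {
    printf '%s\n' "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if ($5 > 32) exit 1 }'
}

# Print one FORWARD rule per direction: forward_rules NET_A IF_A NET_B IF_B.
# Malformed subnets or interface names are refused instead of being printed.
forward_rules() {
    valid_cidr "$1" && valid_cidr "$3" || return 1
    for name in "$2" "$4"; do
        case $name in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    done
    printf 'iptables -A FORWARD -i %s -o %s -s %s -d %s -j ACCEPT\n' \
        "$2" "$4" "$1" "$3"  "$4" "$2" "$3" "$1"
}

# Succeed if sysctl config file $1 sets net.ipv4.ip_forward to 1.
# Comment lines (# or ;) and blanks are skipped; the last assignment wins.
forwarding_persisted() {
    awk -F= '
        /^[ \t]*([#;]|$)/ { next }
        { key = $1; val = $2; gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val) }
        key == "net.ipv4.ip_forward" { state = val }
        END { exit (state == "1" ? 0 : 1) }' "$1"
}

# Print the rules for review; nothing is applied here.
forward_rules "$NET_A" "$IF_A" "$NET_B" "$IF_B"
if [ "$(cat /proc/sys/net/ipv4/ip_forward 2>/dev/null)" != 1 ]; then
    echo "# forwarding is off in the running kernel"
fi
if ! forwarding_persisted /etc/sysctl.conf 2>/dev/null; then
    echo "# net.ipv4.ip_forward = 1 is not set in /etc/sysctl.conf"
fi
```

The script only prints; the iptables lines it emits still have to be run as root.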


