09-29-2003, 10:38 AM   #1
iptables MASQUERADING at boot

I have been trying to figure out what my problem is for a long time and I just can't figure it out. PLEASE HELP!

I have Red Hat 9 running on my computer.

I have inserted the following in my '/etc/init.d/iptables' file:
NOTE: #### indicate the bit I added

echo -n $"Clearing all current rules and user defined chains:"
let ret=0
for i in $chains; do iptables -t $i -X; let ret+=$?; done
iptables -X
let ret+=$?
if [ $ret -eq 0 ]; then

# MASQUERADING section (i.e. allows internal network to access Internet through this)
iptables -t filter --append FORWARD --jump ACCEPT --in-interface eth1
iptables -t nat --append POSTROUTING --jump MASQUERADE --out-interface ppp0
echo 1 > /proc/sys/net/ipv4/ip_forward
echo I have enabled Internet access \(ppp0\) to intranet users \(eth1\).

for i in $chains; do iptables -t $i -Z; done
echo -n $"Applying iptables firewall rules: "
grep -v "^[[:space:]]*#" $IPTABLES_CONFIG | grep -v '^[[:space:]]*$' | /sbin/iptables-restore -c && \
success || \

touch /var/lock/subsys/iptables

When I reboot the computer all appears fine as I get no error messages but the masquerading simply does not work. I have no clue why because when I restart iptables it works fine.

Can anyone tell me what the problem is?
Can anyone tell me how I was supposed to identify this issue without having to ask?

Please help

09-29-2003, 11:10 AM   #2
If you try calling the script from the end of your /etc/rc.d/rc.local file will it start properly?

09-30-2003, 08:41 AM   #3 (Original Poster)
I figured it out

My problem appeared to be that in the file /etc/sysctl.conf I had to set the variable for IP forwarding to 1 so that the file looked like:

# Kernel sysctl configuration file for Red Hat Linux
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1
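
The thread ends with the persistent setting in /etc/sysctl.conf being the fix, so a check that compares that file with the running kernel value answers the "how was I supposed to identify this" question. The script below is an added example, not part of the original posts or of Red Hat's init scripts; the function names conf_value and check_forwarding are made up for illustration, and it assumes the standard /proc/sys/net/ipv4/ip_forward path and sysctl.conf syntax.

```sh
#!/bin/sh
# Added example: detect a mismatch between the running ip_forward value
# and the persistent one in a sysctl.conf-style file.
# Usage on a live host:
#   check_forwarding /etc/sysctl.conf /proc/sys/net/ipv4/ip_forward

# conf_value KEY FILE
# Print the last value assigned to KEY in FILE (last assignment wins).
# Comment lines (# or ;) and lines without "=" are skipped; keys written
# with "/" separators are normalised to "." form.
conf_value() {
    awk -v key="$1" '
        /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1)
            v = substr($0, eq + 1)
            gsub(/[ \t]/, "", k)
            gsub(/\//, ".", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { print val }
    ' "$2"
}

# check_forwarding CONF_FILE PROC_FILE
# Return 0: forwarding on now and persistent.
# Return 1: on now, but CONF_FILE does not set it to 1 (lost on reboot).
# Return 2: off now, so MASQUERADE rules cannot pass forwarded traffic.
check_forwarding() {
    conf=$(conf_value net.ipv4.ip_forward "$1" 2>/dev/null) || conf=""
    run=$(cat "$2" 2>/dev/null) || run=""
    if [ "$run" != "1" ]; then
        echo "runtime: ip_forward is '${run:-unreadable}'; forwarding is OFF"
        return 2
    fi
    if [ "$conf" != "1" ]; then
        echo "runtime is ON, but $1 has net.ipv4.ip_forward='${conf:-unset}'"
        echo "the setting will not survive a reboot or 'sysctl -p'"
        return 1
    fi
    echo "ip_forward is ON and persistent in $1"
    return 0
}
```

Running it right after boot and again after restarting iptables by hand shows which of the two values changed between the working and non-working states.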


