Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
09-24-2003, 10:02 PM
|
#1
|
LQ Newbie
Registered: Sep 2003
Posts: 2
Rep:
|
IPTABLES nat doesn't start up at boot
I am running several RH8 firewalls using iptables with NAT enabled. What I am finding is that while iptables starts up just fine at boot, the nat part doesn't work until I do a restart.
I am running DHCP to the internal LAN, and was wondering if the ordering of these 2 (iptables starts up first) could be a problem?
According to /var/log/boot.log, iptables starts up without error. An iptables -L shows that the tables are all loaded and the rules all seem to be there. I have ip_forward turned on via /etc/sysctl.conf, and the script loads all the iptables modules before doing anything else practically.
Here are the NAT statements
$IPTABLES -A PREROUTING -t nat -i $EXTIF -p tcp -d $EXTPRINTIP --dport 9100 -j DNAT --to-destination $INTPRINTIP
#Source NAT from Internal Net to External Net
$IPTABLES -A POSTROUTING -t nat -o $EXTIF -j SNAT --to-source $EXTIP
thanks.
|
|
|
09-24-2003, 10:22 PM
|
#2
|
Member
Registered: Dec 2002
Location: Nevada
Distribution: fedora, RHEL, ubuntu, suse
Posts: 343
Rep:
|
|
|
|
09-25-2003, 06:29 AM
|
#3
|
Member
Registered: Sep 2003
Posts: 31
Rep:
|
After writing the command down, save it with:
service iptables save
|
|
|
09-25-2003, 06:56 AM
|
#4
|
Member
Registered: Sep 2003
Location: Bulgaria
Distribution: Ubuntu 9.10, FreeBSD 7.2
Posts: 459
Rep:
|
Have you modprobed? Have you written '1' in /proc/sys/net/ipv4/ip_forward?
|
|
|
09-25-2003, 08:09 AM
|
#5
|
LQ Newbie
Registered: Sep 2003
Posts: 2
Original Poster
Rep:
|
My original question states that I use sysctl.conf to set ip_forward to 1 and the script loads all the modules.
I would rather get this one nutted out if possible than move onto another application with the question unanswered.
But thanks for the replies anyhow.
|
|
|
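A post-boot check for the three conditions raised in this thread (runtime ip_forward, NAT module loaded, DNAT/SNAT rules actually present in the nat table), added here as an example and not part of any post above. It assumes legacy iptables on a modular kernel, and the sample data is constructed. Plain `iptables -L` lists only the filter table, so the check reads the `*nat` section of an `iptables-save` dump instead.

```shell
# Added example, not from the thread. Assumes legacy iptables on a modular
# kernel, where NAT support appears as iptable_nat in /proc/modules.
# Live use, as root, right after boot:
#   iptables-save > /tmp/rules.dump
#   nat_boot_check /proc/sys/net/ipv4/ip_forward /proc/modules /tmp/rules.dump

# Prints one finding per line; the return status is the number of failed checks.
nat_boot_check() {
    fwd_file=$1; mod_file=$2; dump=$3; fails=0
    # Runtime value of ip_forward, not what sysctl.conf requests.
    if [ "$(cat "$fwd_file" 2>/dev/null)" = "1" ]; then
        echo "OK   ip_forward=1"
    else
        echo "FAIL ip_forward is not 1"; fails=$((fails + 1))
    fi
    if grep -q '^iptable_nat ' "$mod_file" 2>/dev/null; then
        echo "OK   iptable_nat loaded"
    else
        echo "FAIL iptable_nat not loaded"; fails=$((fails + 1))
    fi
    # Keep only -A lines inside the *nat section of the dump; rules in
    # *filter (what plain "iptables -L" lists) do not count.
    nat_rules=$(awk '/^\*/ { t = $0 } t == "*nat" && /^-A /' "$dump" 2>/dev/null)
    for target in DNAT SNAT; do
        if printf '%s\n' "$nat_rules" | grep -q -e "-j $target"; then
            echo "OK   $target rule in nat table"
        else
            echo "FAIL no $target rule in nat table"; fails=$((fails + 1))
        fi
    done
    return "$fails"
}

# Constructed sample: filter table populated, nat table empty.
sample_dir=$(mktemp -d)
echo 1 > "$sample_dir/ip_forward"
printf 'iptable_nat 19960 0\nip_tables 13696 2\n' > "$sample_dir/modules"
cat > "$sample_dir/rules.dump" <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
nat_boot_check "$sample_dir/ip_forward" "$sample_dir/modules" "$sample_dir/rules.dump" || true
```

Running it once immediately after boot and once after the manual restart, then comparing the two outputs, shows which of the three conditions differs between the two states.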