Hello,
I have some starting problems with iptables. I know iptables is very powerful, but IMHO it is very complex for beginners.
I already used iptables a year ago to define some very simple rules on a small home server.
I copied and edited them from a book which contains some easy examples. I tried to understand them, and I understood most of them.
But now I have to define new, more complicated rules.
My new device has many interfaces:
- loopback (lo)
- ethernet (eth0)
- UMTS/GSM (ppp0)
- WLAN access point (mon.wlan0, wlan0, wmaster0)
Here is my current init code for the "network things":
Code:
# Flush all iptables rules and delete user-defined chains
iptables -F
iptables -X
...
# Define the rules (NAT the forwarded traffic on both uplinks)
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
...
# Enable IP forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward
So I need IP forwarding for the clients on the wireless.
If possible the forwarding should use the ppp connection, otherwise eth0; that works great.
The new rules I need:
My device has some services running, but they should not be reachable from outside the device. The service web interface should be open for all clients on eth0 and wlan0.
So I have to close all input traffic that has my device as its target. The forwarding traffic has to keep working.
Port 80 has to be open for the web interface.
The next rule is: drop all input from ppp0 (only let already-established connections through).
Has anyone an idea?
thx,
best regards
toredo
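The policy the post asks for (box itself closed by default, web interface on port 80 reachable only from eth0 and wlan0, forwarding for the WLAN clients with NAT on both uplinks, nothing new accepted from ppp0), written out as a complete script. This is an added example, not the poster's script; interface names lo, eth0, ppp0 and wlan0 are taken from the post, while the `run`/`DRY_RUN` wrapper, the `count_rules` helper and the use of `sysctl -w` instead of the echo into /proc are this example's own choices so the rule set can be reviewed without root before it is applied.

```shell
#!/bin/sh
# Added example firewall script for a router with a LAN port (eth0), a UMTS
# uplink (ppp0) and a WLAN access point (wlan0). Not the original poster's code.
# DRY_RUN=1 prints every command instead of executing it (no root needed).

LAN_IF=eth0    # assumed from the post: wired LAN, also the fallback uplink
WAN_IF=ppp0    # assumed from the post: UMTS/GSM uplink
AP_IF=wlan0    # assumed from the post: access point for the wireless clients
WEB_PORT=80    # web interface port named in the post

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

apply_firewall() {
    # Start from a known empty state in both the filter and the nat table.
    run iptables -F
    run iptables -X
    run iptables -t nat -F
    run iptables -t nat -X

    # Default deny for anything aimed at the box and for anything routed
    # through it; only explicitly listed traffic gets through.
    run iptables -P INPUT DROP
    run iptables -P FORWARD DROP
    run iptables -P OUTPUT ACCEPT

    # Local services talk to each other over the loopback interface.
    run iptables -A INPUT -i lo -j ACCEPT

    # Replies to connections the device opened itself. This is the only thing
    # ever accepted from ppp0: ESTABLISHED/RELATED yes, NEW never.
    run iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Web interface: reachable from the wired LAN and the WLAN clients only.
    run iptables -A INPUT -i "$LAN_IF" -p tcp --dport "$WEB_PORT" -j ACCEPT
    run iptables -A INPUT -i "$AP_IF" -p tcp --dport "$WEB_PORT" -j ACCEPT

    # Explicit drop for new traffic from the UMTS side (the INPUT policy would
    # catch it anyway; a dedicated rule gives its own packet counters).
    run iptables -A INPUT -i "$WAN_IF" -j DROP

    # Forwarding for the WLAN clients. Both uplinks are permitted; which one is
    # actually used is decided by the routing table (default route), not here.
    run iptables -A FORWARD -i "$AP_IF" -o "$WAN_IF" -j ACCEPT
    run iptables -A FORWARD -i "$AP_IF" -o "$LAN_IF" -j ACCEPT
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Masquerade on both uplinks, as in the poster's current script.
    run iptables -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE
    run iptables -t nat -A POSTROUTING -o "$LAN_IF" -j MASQUERADE

    # Turn routing on only after the policy is in place.
    run sysctl -w net.ipv4.ip_forward=1
}

# Review helper: how many generated commands match a pattern (dry run only).
count_rules() {
    ( DRY_RUN=1; apply_firewall ) | grep -c -- "$1"
}

# Run as root to apply; run with DRY_RUN=1 to just print the commands.
apply_firewall
```

Review the output with `DRY_RUN=1 sh firewall.sh` before running it as root, because with `-P INPUT DROP` a missing ESTABLISHED rule locks you out of an SSH session over the uplink. Rule order in INPUT matters: the ESTABLISHED/RELATED accept must come before the ppp0 drop, otherwise replies to the device's own UMTS connections are discarded. The "prefer ppp0, fall back to eth0" behaviour is a routing question (default route and metrics), not something iptables decides; the firewall only has to allow and NAT both paths. If the WLAN clients get their addresses and name resolution from this device (a DHCP or DNS daemon on wlan0, not mentioned in the post), those UDP ports need their own accept rules on wlan0 as well.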