LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-11-2005, 06:42 AM   #1
Led*Zep
LQ Newbie
 
Registered: Jul 2001
Location: Aldershot, UK
Distribution: Fedora Core 4
Posts: 16

Rep: Reputation: 0
Stupid question about NAT


Hi

I know this is a daft question, but I hope somebody can give me a direct answer.

I have a Fedora Core 4 box that I want to use as a LAN gateway/firewall. I have a cable connection with only a single IP, so I want to NAT all clients behind the single IP.

I have IPTables and understand that ok, but I cant find a straight answer to how I should setup masquerading... the netfilter wesite says do this

# Load the NAT module (this pulls in all the others).
modprobe iptable_nat

# In the NAT table (-t nat), Append a rule (-A) after routing
# (POSTROUTING) for all packets going out ppp0 (-o ppp0) which says to
# MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

but when I add the iptables line nothing shows up when I "iptables --list" should I see the line there???

Should that work???

Thanks
 
Old 11-11-2005, 09:14 AM   #2
imitheos
Member
 
Registered: May 2005
Location: Greece
Posts: 433

Rep: Reputation: 117Reputation: 117
Re: Stupid question about NAT

Quote:
Originally posted by Led*Zep
Hi

I know this is a daft question, but I hope somebody can give me a direct answer.

I have a Fedora Core 4 box that I want to use as a LAN gateway/firewall. I have a cable connection with only a single IP, so I want to NAT all clients behind the single IP.

I have IPTables and understand that ok, but I cant find a straight answer to how I should setup masquerading... the netfilter wesite says do this

# Load the NAT module (this pulls in all the others).
modprobe iptable_nat

# In the NAT table (-t nat), Append a rule (-A) after routing
# (POSTROUTING) for all packets going out ppp0 (-o ppp0) which says to
# MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

but when I add the iptables line nothing shows up when I "iptables --list" should I see the line there???

Should that work???

Thanks
If you don't mention which table then iptables default to "filter" table
So your "iptables --list" is the same as "iptables -t filter --list"
You can see your rule by running "iptables -t nat --list" (you can put "-L" instead of "--list")
 
Old 11-11-2005, 09:52 AM   #3
Led*Zep
LQ Newbie
 
Registered: Jul 2001
Location: Aldershot, UK
Distribution: Fedora Core 4
Posts: 16

Original Poster
Rep: Reputation: 0
Great ta

Yep, I can see it now...

Thanks very much...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Nat Question keefaz Linux - Networking 3 08-25-2008 03:55 AM
Stupid, stupid question; I lost Klaptop. :( Surfrider Slackware 2 08-31-2005 09:12 PM
nat question gubak Linux - Networking 2 03-01-2005 06:54 AM
Stupid Dumb Stupid Question... drigz Linux - Software 3 09-23-2004 03:09 PM
really stupid question arlothemoo Linux - General 12 09-16-2002 03:37 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:21 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration