[Techtalk] moving to iptables
carla at bratgrrl.com
Tue Aug 5 10:16:51 EST 2003
On Tuesday 05 August 2003 4:01 am, Hamster wrote:
> > # modprobe iptable_nat
> > # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> > # echo "1" > /proc/sys/net/ipv4/ip_forward
> > You can run these from the command line, in this order, for testing. Once
> > you get your rules figured out, put 'em in a script.
> Setting up iptables is even simpler than this.
> You don't have to manually load the nat module because iptables supports
> automatic module loading. It loads the right module as soon as it sees that
> module mentioned in one of the rules. So in this case, as soon as it sees
> you've specified the target -j MASQUERADE, it automatically loads the nat
> Nor do you have to write a script to load the rules automatically on boot.
> If you're using RedHat, Mdk or Deb, they come with a "save" facility. Take
> Mandrake for example. Once you write your rules by entering them one at a
> time on the command line, you then run the command "service iptables save"
> and that saves all your rules and loads them automatically when your
> computer boots.
> The ipforwarding line (the command listed above as echo 1 > /proc etc)
> doesnt need to be scripted either. RH/Mdk/Deb all come with a special file
> that you use for telling your machine about any /proc entries. The file in
> question is /etc/sysctl.conf, and in this specific case you need to add the
> line net.ipv4.ip_forward = 1 and that takes care of forwarding.
> The best place for iptables info is its own website.
> This site contains its own doco, and links to lots of other tutorials as
See, you don't need opposable thumbs to be smart!
this message brought to you
by Libranet 2.7 and Kmail
More information about the Techtalk