Revision as of 06:45, 5 August 2014

http://www.hackorama.com/network/portfwd.shtml

IP Tables That Work (That bonding thing)

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface tun0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

client

iptables --table nat --append POSTROUTING --out-interface bond0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT

server

iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface bond0 -j ACCEPT

Iptables NAT FW (Without Full NAT, Just Insert)

#DISABLE ACCESS TO WAN NETWORK
iptables -I FORWARD -d WA.N.NET.WORK/24 -j DROP

#ALLOW HOST
iptables -I FORWARD -p tcp -d WA.N.DEV.ICE -s SOURCE.NAT.NET.WORK/24 -j ACCEPT
iptables -I FORWARD -p udp -d WA.N.DEV.ICE -s SOURCE.NAT.NET.WORK/24 -j ACCEPT

#ALLOW PING
iptables -I FORWARD -p icmp -m icmp --icmp-type 8 -d WA.N.DEV.ICE -j ACCEPT
iptables -I FORWARD -p icmp -m icmp --icmp-type 0 -d SOURCE.NAT.NET.WORK/24 -j ACCEPT
<pre>

Difference between revisions of "Iptables"

Revision as of 06:45, 5 August 2014

IP Tables That Work (That bonding thing)

Iptables NAT FW (Without Full NAT, Just Insert)

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools