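# Set up the firewall: NAT gateway rules.
# Interface roles, as used by the rules below: eth0 faces the internal
# network, eth1 is the outside interface that traffic is masqueraded on.
# Every rule is appended (-A), so rules already present in a chain are
# evaluated first; this fragment neither flushes chains nor sets policies.
# NOTE(review): only IPv4 is handled here (iptables). If the host also
# forwards IPv6, equivalent ip6tables rules are needed. Confirm.

# Return traffic: packets arriving on eth1 are forwarded to eth0 only when
# they belong to, or are related to, a connection that is already tracked.
/sbin/iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

# Outbound traffic: anything from the internal network may leave via eth1.
# There is no egress filtering here; restrict this rule if internal hosts
# should only reach specific destinations or ports.
/sbin/iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

# Overloaded NAT (PAT): rewrite the source address of everything leaving eth1
# to the gateway's own address, hiding the internal network topology.
/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

# Allow lo (loopback) connections.
# These two rules only matter when the INPUT/OUTPUT policies (or later rules)
# drop traffic; no such policy is set in this fragment, so the gateway's own
# INPUT chain is not locked down by anything here.
/sbin/iptables -A INPUT -i lo -j ACCEPT
# The OUTPUT chain has no incoming interface: match on -o. iptables rejects
# -i in OUTPUT, so a rule written with -i is never installed.
/sbin/iptables -A OUTPUT -o lo -j ACCEPT

# Drop anything that doesn't fall in the category of NAT traffic. This must
# stay the last FORWARD rule, because rules are matched in order.
/sbin/iptables -A FORWARD -j DROP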