Actually this is a mighty good proposal, my friend.
Two interfaces is what I also need. I have been messing with it for 2 days now; the way of the noob is heavy.
So far I have tried to add
Code:
iptables -A FORWARD -o eth1 -i eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -j DROP
as well as
Code:
iptables -A FIREWALL -o eth1 -i eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FIREWALL -j DROP
Well, forwarding goes through, but any other rules, such as http allow and others, don't apply.
Code:
root@triber:~# /etc/init.d/firewall status
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 192.168.0.0/24 anywhere state NEW
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
So if OP or iptables gurus could find time to respond, me and many others would really appreciate it.