20 Aug 09 Linux NAT Masquerading HOWTO
Here’s a really quick rundown on setting up masquerading. You’d use this to share one internet connection between multiple local network machines. It’s what most regular ‘routers’ that your ISP sends out do and it’s really easy to set up under Linux in it’s most simplest form
modprobe ipt_MASQUERADE
iptables -F; iptables -t nat -F; iptables -t mangle -F
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
eth0 should be your external interface. You can use ppp0 or any other registed netwrk interface. For security you might want to stop anything in the forward chain except that originating from your own local network, e.g.:
iptables -P FORWARD DROP
iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
Tags: iptables, ip_forward, Linux, masquerade, masquerading, modprobe, nat, postrouting
Leave a Comment
You must be logged in to post a comment.
|
I'm Adam Palmer, and I'm a PHP Programmer, Web Security Consultant, and Linux Consultant.
I run 'APNIC Solutions Ltd' and spend most of my time consulting, managing server clusters, and writing PHP, whilst what little spare time I have is dedicated to playing with gadgets.
|
