Try with this script:

#!/bin/sh

IPTABLES=/sbin/iptables
MODPROBE=/sbin/modprobe

# forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward

# load the netfilter modules used below
$MODPROBE ip_tables
$MODPROBE ip_conntrack
$MODPROBE iptable_filter
$MODPROBE iptable_nat
$MODPROBE iptable_mangle
$MODPROBE ipt_LOG
$MODPROBE ipt_limit
$MODPROBE ipt_state

# flush rules, delete user chains, zero counters (filter table)
$IPTABLES -F
$IPTABLES -X
$IPTABLES -Z
#===========================================================================#
# default policy: drop everything not explicitly accepted
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP
$IPTABLES -P FORWARD DROP
#===========================================================================#
# loopback
$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A OUTPUT -o lo -j ACCEPT
#===========================================================================#
# eth1 (local LAN) is fully trusted; eth0 (internet) is filtered by state
$IPTABLES -A OUTPUT -o eth1 -j ACCEPT
$IPTABLES -A INPUT -i eth1 -j ACCEPT
# the state match must be named explicitly: "-m state --state ..."
$IPTABLES -A INPUT -i eth0 -m state --state NEW,ESTABLISHED -j ACCEPT
$IPTABLES -A OUTPUT -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
#===========================================================================#
# forward in both directions between the internet and the LAN
$IPTABLES -A FORWARD -i eth0 -o eth1 -j ACCEPT
$IPTABLES -A FORWARD -o eth0 -i eth1 -j ACCEPT
#===========================================================================#
# masquerade on the internet-facing interface (eth0 in the question below)
$IPTABLES -t nat -A POSTROUTING -o eth0 -j MASQUERADE

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 5 April 2005 13:02
To: Suranga Kasturiarachchi
Cc: [email protected]
Subject: Re: Firewall help

Suranga Kasturiarachchi wrote:
> Dear all,
>
> My Linux box has two interfaces (eth0 and eth1). eth0 is connected to the
> internet and eth1 is connected to the local LAN. The interfaces are using
> different IPs. What I want to do is, when a local LAN user requests the
> internet, I need to resolve their request using iptables. I need to do it
> without using the squid proxy. My internet gateway is 202.51.140.129 (eth0)
> and the local LAN is the 192.168.1.0 range.
>
> Please help me on this matter.

The simplest (though not the safest) way to do this:

# enable forwarding and load NAT support
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe iptable_nat

# start from empty tables
iptables --flush
iptables -t nat --flush
iptables -t mangle --flush
iptables --delete-chain
iptables -t nat --delete-chain
iptables -t mangle --delete-chain

# accept everything by default
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# masquerade traffic leaving via eth0 (internet)
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

>
> thanks,
>
> suranga
>

Henk

--
Henk Roose <[EMAIL PROTECTED]>
CWI - Centrum voor Wiskunde en Informatica
Centre for Mathematics and Computer Science
Amsterdam (NL)

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

