--- SWAPNIL <[EMAIL PROTECTED]> wrote:
> Dear All,
>
> I have just install RH 9.0 as proxy server and mail
> server for our network
>
> now i need implement iptables in my RH 9 system for
> using as router
>
> before this i am using ipchains in RH 6.2
>
> ipchains -A forward -s 192.168.1.1 -d www.mydomain.com -j MASQ
>
> i want command for iptables with same effect of
> above command in ipchains

Swapnil,

Here is a "cheatsheet" that I had created for sharing internet connections using iptables. I hope this will help you. There's also an iptables tutorial link down there in the cheatsheet somewhere...

Problem statement:

You have a Linux machine connected to the internet via a DSL connection. You also have another PC at home (a WinXP PC for the purpose of this cheatsheet). You want that PC to share the internet connection with your Linux machine.

Please note that whenever I say "Linux", I really mean Fedora Core 3 and I have tried these steps with Fedora Core 3. The steps should work with other distros as well.

Solution:

Step 1: Buy (or otherwise acquire) a network card and fit it into the PCI slot of your Linux machine.

Step 2: Boot your Linux machine and let the hardware detection program (Kudzu) detect your card and install the drivers for it.

Step 3: Buy a 'switch' or a 'hub'. Connect the new network card on your Linux machine to the hub. Also connect your other computer to the hub.

Alternative Step 3: Don't use a switch. Instead, use a 'crossover cable' to connect the new network card on your Linux machine with the network card on your WinXP machine. This is useful if you only have one other computer that you want to connect to the internet. I have not tried this, but I believe this will work. I still recommend going with a switch.

Step 4: FC3 will have configured your new network card as 'eth1'. Use the following command to configure eth1:

    ifconfig eth1 192.168.0.1 netmask 255.255.255.0

Step 5: Configure your Windows machine as follows:

    IP Address: 192.168.0.2
    NetMask:    255.255.255.0
    Gateway:    192.168.0.1 (your Linux machine)

If you add another machine to the hub/switch, you can assign it the IP address 192.168.0.3 and so on.

Step 6: Make sure you can 'ping' from one machine to the other.

Step 7: Configure IP forwarding on your Linux machine using the following commands:

    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain

    # Set up IP FORWARDing and Masquerading
    iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
    # Assuming one NIC to local LAN
    iptables --append FORWARD --in-interface eth1 -j ACCEPT

    echo 1 > /proc/sys/net/ipv4/ip_forward

(Please refer: http://www.yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html)

Step 8: Configure DNS on your Windows machine. Run the following command on your Linux machine:

    cat /etc/resolv.conf

From the output of the entries, pick out the 'nameserver' entries and specify these entries in the network configuration box on your Windows machine.

Step 9: Run Internet Explorer on your Windows machine and browse the web :-)

Thanks,
Prashant Verma
http://www.saltlakesoft.com

_______________________________________________
ilugd mailinglist -- [email protected]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/[email protected]/
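
Added example, not part of the original message: the Step 7 rules leave the FORWARD policy untouched, so reply traffic from ppp0 back to the LAN is passed only by the default ACCEPT policy. The sketch below is a stateful variant with a default-drop FORWARD chain, plus the closest iptables counterpart of the single-host ipchains MASQ rule from the question. The function names, the IPT variable and the use of the conntrack match are assumptions of this example; interface names and addresses are the ones used in the thread.

```shell
#!/bin/sh
# Added example (not from the original message).
# IPT defaults to "echo iptables", so rules are printed for review.
# Set IPT=iptables and run as root to apply them. Forwarding itself
# still needs: echo 1 > /proc/sys/net/ipv4/ip_forward
IPT="${IPT:-echo iptables}"

gateway_rules() {
    lan_if="${1:-eth1}"            # NIC facing the local LAN
    wan_if="${2:-ppp0}"            # DSL/PPP link to the internet
    lan_net="${3:-192.168.0.0/24}" # LAN subnet from Steps 4 and 5

    # Start from a clean slate, as in Step 7
    $IPT --flush
    $IPT --table nat --flush
    $IPT --delete-chain
    $IPT --table nat --delete-chain

    # Forward nothing unless a rule below allows it
    $IPT --policy FORWARD DROP

    # LAN -> internet: only LAN source addresses, only out the WAN link
    $IPT --append FORWARD --in-interface "$lan_if" --out-interface "$wan_if" \
         --source "$lan_net" -j ACCEPT
    # Internet -> LAN: replies to connections the LAN opened, nothing else
    # (older iptables builds spell this: -m state --state ESTABLISHED,RELATED)
    $IPT --append FORWARD --in-interface "$wan_if" --out-interface "$lan_if" \
         -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Masquerade only traffic that originates from the LAN subnet
    $IPT --table nat --append POSTROUTING --source "$lan_net" \
         --out-interface "$wan_if" -j MASQUERADE
}

# One host to one destination, like the ipchains rule in the question.
# A hostname given as destination is resolved once, when the rule is added.
masq_host_to_dest() {
    $IPT --table nat --append POSTROUTING --source "$1" --destination "$2" \
         --out-interface "${3:-ppp0}" -j MASQUERADE
}

gateway_rules eth1 ppp0 192.168.0.0/24
masq_host_to_dest 192.168.1.1 www.mydomain.com ppp0
```

With the FORWARD policy set to DROP, the single-host masquerade rule also needs a matching FORWARD accept for its source address if that host is outside the LAN subnet passed to gateway_rules.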
