Wed, 8 Mar 2000 Jorge Severino wrote:
JS>Howto make NAT in ipchains and port forwarding ???
Hello!
Set default policy for forwarding chain to DENY:
ipchains -P forward -j DENY
Then add masquerading rules to the chain:
ipchains -A forward -s 10.0.0.0/8 -j MASQ
(network 10.0.0.0 with mask 255.0.0.0 will be masqueraded)
Also it is generally a good idea to DENY all incoming (from your outgoing interface,
which has valid Inetrnet IP address, eth0 for example) with source address 10.xx.yy.zz:
ipchains -A input -i eth0 -s 10.0.0.0/8 -j DENY
(eth0 is your interface that sends packets to Internet)
This is needed if your "clients" with 10.xx.yy.zz IP's are on another interface card
(e.g. eth1 in above example).
Help: man ipchains, man ipfw, IP-Masquerading mini howto.
--
Good luck!
Yuri G. Polyanski
ICQ #52224443 mailto: [EMAIL PROTECTED] IRC Dalnet: Kalhown
Mar 8
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
