On Thu, Nov 30, 2006 at 03:03:13 +1100, Scott Waller (Lots of Watts) wrote:
> and I want to let all the computers on eth0 network to talk to an
> internet connection on the 10.0.0.1 network, how would I use iptables
> and/or NAT to make this happen?
Make sure that all the computers on eth0 have 192.168.0.1 as their
default gateway and then something list this should do the trick:
# accept all packets that are part of an existing connection
iptables -I FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# forward anything from eth0 to eth1
iptables -A FORWARD -s 192.168.0.0/24 -i eth0 -o eth1 -m state --state NEW
-j ACCEPT
# masquerade anything forwarded from eth0 to eth1
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
Cheers,
John
--
Yeah, but imagine all the helpdesk calls. The term 'clitmouse' gives an
accurate indication of how to operate the control[1]. But with a 'penis
control' it'd be seconds before a luser calls in "my cursor doesn't move
when I move my hand up and down the shaft". -- Arthur van der Harg
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
