[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Make a DHCP server using Fedora - Help

> After this breakthrough I also found out or not sure here?
> is that iptables are forwarding packets to eth1
> upon reading another page:
> http://chwang.blogspot.com/2007/11/making-linux-fedora-core-8-as-gateway.html
> it says iptables and has this part:  
> # Forward all packets from eth1 (internal network) to eth0
> (the public internet)
> iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
> # Forward packets that are part of existing and related
> connections from eth0 to eth1
> iptables -A FORWARD -i eth0 -o eth1 -m state --state
> # Enable SNAT functionality on eth0. a.b.c.d are generally
> the ip of the eth0
> iptables -A POSTROUTING -t nat -s -o eth0 -j
> SNAT --to-source a.
> Then it recommends visiting the other page which was
> referenced before.  
> I will probably get to this machine tomorrow or on Monday. 
> I hope that I can get this working and with advice from the
> list I believe it can get done.
> Regards,
> Antonio 
> -- 

I see that the forwarding is not there anymore :(
See here:

[root localhost ~]# cat /etc/sysconfig/iptables                      
# Firewall configuration written by system-config-securitylevel      
# Manual customization of this file is not recommended.
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

I can try using system-config-firewall to allow it or how do I do it, I added it manually and then ran iptables-save, but it is not there anymore :(

Thank you all for your help,



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]