[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: set up NAT (network address translation) on local server



On Thursday 20 November 2008 13:52, Christopher K. Johnson wrote:
> Does /etc/sysconfig/iptables actually contain the lines
>
> *nat
>
> :PREROUTING ACCEPT [1:233]
> :POSTROUTING ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
>
> -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j SNAT --to-source 10.154.19.210
> COMMIT
>
> It seems unlikely that it was written correctly since the restart did
> not implement your SNAT rule, and this file is what a restart reads.
> Perhaps there is  a bug in iptables-save?  I edit
> /etc/sysconfig/iptables directly, and recommend that if you are not
> using some firewall front-end or tool to do this, that you do the same.

:-)

I am not that much pro for iptables as for dhcp --- in fact, I gave up on 
learning iptables syntax a long time ago and rely on guis for configuration 
--- but wouldn't it be much much easier for the OP to set up nat using, say, 
firestarter?

First "yum install firestarter". Then run it and answer the questions that 
wizard asks. Activate NAT options, do not touch dhcp options (this is already 
configured). The eth1 device is the local network, while eth0 is the uplink 
to outside. I don't have two network cards here now so I cannot repeat exact 
steps, but it should be trivial in a sense.

HTH, :-)
Marko






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]