EasyLiveCD.com
LiveCD Software Solutions
Linux LiveCD Router new
Download free
Router Firewall PRO new
Hotspot Server
VoIP Server
Documentation
Admin Book
VoIP Book
Printed Books
Questions ?
info@easylivecd.com
Hardware
WiFi
Firewall
VoIP
IP Camera
News
VoIP
Linux Router
Hotspot
WiFi Blog
VoIP forum
Linux forums
Tutorials new
WiFi.com.ar

##CDrouter
##Firewall/Masquerading Mini HOWTO


##------------------------------------------------------------------------

## Rusty's Really Quick Guide To Packet Filtering
##Most people just have a single PPP connection to the Internet, and don't 
##want anyone coming back into their network, or the firewall:

## Create chain which blocks new connections, except if coming from 
## inside.

# iptables -N block
# iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
# iptables -A block -j DROP

## Jump to that chain from INPUT and FORWARD chains.
# iptables -A INPUT -j block
# iptables -A FORWARD -j block


##------------------------------------------------------------------------

## Super simple NAT nat for eth0

# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

or 

## Super simple NAT nat for ppp0

# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE



##------------------------------------------------------------------------

## more complete for eth0 and eth1 firewall
## Create chain which blocks new connections, except if coming from 
## inside.

# iptables -N block
# iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
# iptables -A block -j DROP

## Jump to that chain from INPUT and FORWARD chains.

# iptables -A INPUT -j block
# iptables -A FORWARD -j block

## Forwarding ports to the internal net

# iptables -t nat -A PREROUTING -p tcp --dport 8080 -i eth0 -j DNAT --to 192.168.1.77



##------------------------------------------------------------------------


Documentation Index