I'll try to copy and paste some iptables firewall rules for this later on.
Regards,
Mark.
OK, this is very messy, brief and incomplete, as it is just bits from my own firewall rules, which I cannot post in total, etc., but here are some important parts of the firewall rules. I would still recommend that you read the manuals on this one. BTW... is your IP address static?
Regards,
Mark.
# location of iptables binary
IPT=/sbin/iptables
INT_IFACE="eth0" # internal interface
EXT_IFACE="eth1" # external interface
LOOPBACK_IFACE="lo" # loopback interface
PRIV_PORTS="0:1023"
UNPRIV_PORTS="1024:65535"
# allow packets from internal network (unprivileged ports)
$IPT -A INPUT -i $INT_IFACE -d 192.168.0.0/24 -p tcp --dport $UNPRIV_PORTS -j ACCEPT
# allow packets to internal network (privileged ports)
$IPT -A OUTPUT -o $INT_IFACE -d 192.168.0.0/24 -p tcp --dport $PRIV_PORTS -j ACCEPT
# change source IP of packets leaving the external interface
# (replace the placeholder, including the angle brackets, with the real address)
$IPT -t nat -A POSTROUTING -o $EXT_IFACE -j SNAT --to-source <your static IP address>
# output using unprivileged ports
$IPT -A OUTPUT -o $EXT_IFACE -p tcp --dport $UNPRIV_PORTS -j ACCEPT
# enable IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
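An added example, not part of the post above: the posted fragment has no FORWARD rules, so this sketch shows a stateful FORWARD policy for the same eth0/eth1 and 192.168.0.0/24 layout, and picks SNAT or MASQUERADE depending on the answer to the static-IP question. The names IPT_CMD, INT_NET, EXT_IP, valid_ipv4 and nat_gateway_rules are assumptions of this example, and 203.0.113.10 is a constructed documentation address.

```shell
#!/bin/sh
# Added example, not from the original post. Dry run by default: prints the
# iptables commands. Set IPT_CMD=/sbin/iptables (as root) to apply them.
IPT_CMD="${IPT_CMD:-echo iptables}"
INT_IFACE="eth0"                      # internal interface (from the post)
EXT_IFACE="eth1"                      # external interface (from the post)
INT_NET="192.168.0.0/24"              # internal network (from the post)
# Constructed documentation address; set EXT_IP="" if the address is dynamic.
EXT_IP="${EXT_IP-203.0.113.10}"

# Return 0 only for a dotted quad with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

nat_gateway_rules() {
    if [ -n "$EXT_IP" ]; then
        # Reject an unfilled placeholder before it reaches iptables.
        valid_ipv4 "$EXT_IP" || { echo "bad EXT_IP: $EXT_IP" >&2; return 1; }
        nat_target="SNAT --to-source $EXT_IP"
    else
        nat_target="MASQUERADE"       # dynamic address: use the interface's
    fi
    # Forwarded packets are dropped unless a rule below accepts them.
    $IPT_CMD -P FORWARD DROP
    # Outside -> inside: only replies to connections opened from inside.
    $IPT_CMD -A FORWARD -i "$EXT_IFACE" -o "$INT_IFACE" -d "$INT_NET" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Inside -> outside: new and existing connections from the internal net.
    $IPT_CMD -A FORWARD -i "$INT_IFACE" -o "$EXT_IFACE" -s "$INT_NET" \
        -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
    # Rewrite the source address only for internal-network traffic.
    $IPT_CMD -t nat -A POSTROUTING -o "$EXT_IFACE" -s "$INT_NET" -j $nat_target
}

nat_gateway_rules
```

Load these rules before writing 1 to /proc/sys/net/ipv4/ip_forward, so forwarding is never enabled while the FORWARD chain still has its default ACCEPT policy.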