Indice de la Documentación
##CDrouter
##Firewall/Masquerading Mini HOWTO
##------------------------------------------------------------------------
## Rusty's Really Quick Guide To Packet Filtering
##Most people just have a single PPP connection to the Internet, and don't
##want anyone coming back into their network, or the firewall:
## Create chain which blocks new connections, except if coming from
## inside.
# iptables -N block
# iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
# iptables -A block -j DROP
## Jump to that chain from INPUT and FORWARD chains.
# iptables -A INPUT -j block
# iptables -A FORWARD -j block
##------------------------------------------------------------------------
## Super simple NAT nat for eth0
# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
or
## Super simple NAT nat for ppp0
# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
##------------------------------------------------------------------------
## more complete for eth0 and eth1 firewall
## Create chain which blocks new connections, except if coming from
## inside.
# iptables -N block
# iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
# iptables -A block -j DROP
## Jump to that chain from INPUT and FORWARD chains.
# iptables -A INPUT -j block
# iptables -A FORWARD -j block
## Forwarding ports to the internal net
# iptables -t nat -A PREROUTING -p tcp --dport 8080 -i eth0 -j DNAT --to 192.168.1.77
##------------------------------------------------------------------------
Indice de la Documentación
|
