Not able to get MASQ work on RedHat 7.1

Brad Chapman kakadu@adelphia.net
Wed, 08 Aug 2001 07:46:15 -0400 

Rohit Peyyeti wrote:

> No Luck :-(
> 
>  
> 
> ...Rohit
> 
>     ----- Original Message -----
>     
>     From: Samuel Tran <mailto:stran@immostreet.com>
>     
>     To: Rohit Peyyeti <mailto:rohit@translogicsys.com> ; netfilter 
>     <mailto:netfilter@lists.samba.org>
>     
>     Sent: Wednesday, August 08, 2001 12:48 PM
>     
>     Subject: Re: Not able to get MASQ work on RedHat 7.1
>     
>     
>     You may want to try :
>     
>     $IPTABLES -t nat -A POSTROUTING -o eth1 -s $INT_NET  -j SNAT 
>     --to-source $EXT_IP
>     
>     Sam
>      
>     
>     Rohit Peyyeti wrote:
>     
>         Hello: Since past few days I have been trying to get MASQ 
>         withiptables work. I have installed RedHat 7.1 on a systemwith 
>         64 MB RAM with 1 GB Harddisk and Pentium 100 MhzCPU. I tried 
>         setting up MASQ using IP Chains on RedHat 7.0.It works perfectly 
>         fine. I then upgraded to RH7.1 andtried getting MASQ work with 
>         iptables but without anyluck. I have a wireless broadband 
>         connection with staticip address. I have two NICs, one facing 
>         internet andother facing my local area network. eth0 is facingmy 
>         Local area network and eth1 is facing the internet. Here is what 
>         my script file contains: ====== # - Enabling packet forwarding 
>         in the kernel
>         echo "1" > /proc/sys/net/ipv4/ip_forward # - Internal IP Address 
>         range
>         INT_NET="200.200.200.0/24" # - External IP 
>         AddressEXT_IP="64.110.96.176" # - Empty the chains
>         $IPTABLES -F
>         $IPTABLES -t nat -F # - Default policy - Drop everything"
>         $IPTABLES -P INPUT DROP
>         $IPTABLES -P FORWARD DROP
>         $IPTABLES -P OUTPUT ACCEPT # - MASQ all internal traffic out to 
>         the Internet
>         $IPTABLES -t nat -A POSTROUTING -o eth1 -s $INT_IP  -j SNAT 
>         --to-source $EXT_IP ====== I somehow still not able to get this 
>         thing working. Don't knowwhere I am going wrong. Please 
>         help Thanks, ...Rohit TransLogic Systems
>         5th Floor, Amogh Plaza, Greenlands,
>         Hyderabad, AP - 500 016, INDIA
>         Ph: 91.40.3401795, Fax: 91.40.3407943
>         www.translogicsys.com <http://www.translogicsys.com>
>     

Mr. Peyyeti,

	Try this command:

	iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to $EXT_IP

	And change the default policy of FORWARD to ACCEPT, or else you
won't be able to do NAT at all (FORWARD is the chain that traffic which 
is being routed through the system traverses).

Brad