Basic NAT and port forward

Noah Eiger nme@earthlink.net
Thu, 12 Jul 2001 19:18:11 -0700


Hello:

I have a Linux 2.4.2 box with three ethernet interfaces:
- eth0 10.2.2.42/29 is a public address to the Internet (in my scenario)
- eth1 192.168.1.1/24 is the default gw for the office subnet
- eth2 192.168.10.1/24 is the default gw for the training subnet

I would like to have:
- eth1 and eth2 MASQ'd behind eth0
- control over traffic initiated from the Internet in (see below)
   - ssh open to the Linux box
   - port forwarding to a single internal server
- control over traffic between the internal subnets (see below)
   - may want to allow access from certain boxes to certain servers
   - may want to allow certain services/ports

Can iptables do this? Does it handle multiple interfaces like this? What is
the best way to go about building this?

Frankly, after reading many HOWTOs and sample scripts, etc., I am still
confused. I am new to Linux but not to networking. I feel like I could make
this work with a Cisco router, just not a Linux one.

Thanks to anyone who has even read this far :-) I have a few specific
questions as well:
- how do I know if iptables is a module or in my kernel?
- is forwarding something that should be enabled by a script each time I
boot or should it be "permanently" enabled?
- am I running the correct version / do I need to patch?

Thanks a ton.


nme

----------------------------------------------
Noah Eiger
nme@earthlink.net
----------------------------------------------
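
A default-deny ruleset for the three-interface layout described in this message, as an added example that is not part of the original post. The interfaces, subnets and public address come from the message; the forwarded server and port, the office workstation, the training server and the script name `fw.sh` are assumptions chosen for illustration.

```shell
#!/bin/sh
# Prints an iptables-restore ruleset; load as root: sh fw.sh --print | iptables-restore
# Forwarding is off after boot unless set then (boot script or /etc/sysctl.conf):
#   echo 1 > /proc/sys/net/ipv4/ip_forward
WAN_IF=eth0; WAN_IP=10.2.2.42               # from the post
OFFICE_IF=eth1; OFFICE_NET=192.168.1.0/24   # from the post
TRAIN_IF=eth2; TRAIN_NET=192.168.10.0/24    # from the post
FWD_HOST=192.168.1.10; FWD_PORT=80          # ASSUMED internal server and tcp port
ADMIN_HOST=192.168.1.20                     # ASSUMED office workstation
TRAIN_SRV=192.168.10.5; TRAIN_PORT=22       # ASSUMED training server and tcp port

gen_ruleset() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Port forward from the Internet to the single internal server
-A PREROUTING -i ${WAN_IF} -d ${WAN_IP} -p tcp --dport ${FWD_PORT} -j DNAT --to-destination ${FWD_HOST}:${FWD_PORT}
# Masquerade both internal subnets behind the public interface
-A POSTROUTING -o ${WAN_IF} -s ${OFFICE_NET} -j MASQUERADE
-A POSTROUTING -o ${WAN_IF} -s ${TRAIN_NET} -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# ssh to the firewall itself
-A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# New outbound connections from each subnet to the Internet
-A FORWARD -i ${OFFICE_IF} -o ${WAN_IF} -s ${OFFICE_NET} -m state --state NEW -j ACCEPT
-A FORWARD -i ${TRAIN_IF} -o ${WAN_IF} -s ${TRAIN_NET} -m state --state NEW -j ACCEPT
# Inbound only to the forwarded server (filter sees the address after DNAT)
-A FORWARD -i ${WAN_IF} -o ${OFFICE_IF} -d ${FWD_HOST} -p tcp --dport ${FWD_PORT} -m state --state NEW -j ACCEPT
# Between subnets: one office host to one training service; all else dropped
-A FORWARD -i ${OFFICE_IF} -o ${TRAIN_IF} -s ${ADMIN_HOST} -d ${TRAIN_SRV} -p tcp --dport ${TRAIN_PORT} -m state --state NEW -j ACCEPT
COMMIT
EOF
}

case "${1:-}" in --print) gen_ruleset ;; esac
```

Because the `FORWARD` policy is `DROP`, traffic between the office and training subnets passes only where a rule names it, so further host-to-server or per-port exceptions are added as single `-A FORWARD` lines.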