Howto use NAT on Fedora Core 9 machine with iptables

Network Address Translation is a technique to masquerade IP addresses on your internal LAN to the outside world. In other words; the outside world will not be able to look into your network.

This technique is easy to setup and maintain, saves IP addresses and is likely more secure that pure routing. To set it up, you require:

  1. A Linux machine, for this example Fedora Core 9
  2. Two network cards, eth0 attached to you LAN, eth1 connected to the internet.
  3. A little bit of Linux/UNIX knowledge
  4. 30 minutes or so

Enable IP forwarding

To be able to use IP forwarding, you must tell the kernel that it's okay to forward traffic from one network card to another. This setting is found in /etc/sysctl.conf. Set net.ipv4.ip_forward to 1.
To do this, execute:

echo 1 > /proc/sys/net/ipv4/ip_forward
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

The first command enables IP forwarding now, a reboot would undo this setting. To enable this setting for every reboot, also execute that second line.

Enable the firewall (IPtables)

Make sure the service IPtables is running now and is started at bootup:

# service iptables status
<output omitted>
# chkconfig --list iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Configure the firewall (IPtables)

Now that the kernel knows it's allowed to forward traffic from one NIC to another, configure the firewall. The firewall is the intelligent part of setting up NAT, IPtables actually 'does the work'. Here are the commands to set it up:

/sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Safe the firewall rules

You have only configured the firewall for now, a reboot would undo all settings. Run this command once you are happy with the setup:

# /sbin/service iptables save

Reboot to test the setup. Your LAN client will have to set the default route to the IP address of the NAT machine's LAN NIC.

Comments

https://spanish982.wordpress.

https://spanish982.wordpress.com/

https://spanish982.wordpress.

https://spanish982.wordpress.com/

Catch every moment of the

Catch every moment of the Super Bowl LI 2017 live on 2 Giant screen projectors.

You have to enter the IP

You have to enter the IP address of your PC. Similarly, guarantee that you doled out a static IP address on the said PC with the objective that it will regardless be connected with the opened port once the DHCP server (switch) energizes the IP areas of the PCs and devices connected with it. A debt of gratitude is in order for sharing this awesome thought. I would have the capacity to utilize this in my venture

You have to utilize the IP

You have to utilize the IP address of the gadget or PC where you need the port to be opened. Say for instance, on the off chance that you need to play World of Warcraft on your PC, then you need to enter the IP address of your PC. Likewise, ensure that you doled out a static IP address on the said PC with the goal that it will in any case be associated with the opened port once the DHCP server (switch) recharges the IP locations of the PCs and gadgets associated with it. For a more point by point direction, go to uk essay help ... Trust that makes a difference.

Articulate for case in point,

Articulate for case in point, on the rotten possibility with the intention of you call for to engage in recreation planet of conflict dexterity on your computer, after that you require to go into the IP address of your processor.

Thanks for sharing this

Thanks for sharing this wonderful idea. I would be able to use this in my project. - Steven Wyer

About Consultancy Articles Contact




References Red Hat Certified Architect By Robert de Bock Robert de Bock
Curriculum Vitae By Fred Clausen +31 6 14 39 58 72
By Nelson Manning [email protected]