Re: FC4 - Firewall/Router


 



Thomas Cameron wrote:

On Sat, 2005-06-18 at 10:05 -0400, Greg Swallow wrote:



Network 192.168.0 is configured by D-Link wireless router to cable modem. firewall has access to the internet through the router via dhcp on eth0. eth1 is attached to what will be network 192.168.1 and we want firewall to serve dhcp on that network. We also want firewall to route internet traffic from/to 192.168.1 through 192.168.0, without having to shut down the firewall server to do so.



Out of curiosity, why are you running a firewall behind the NAT router? The NAT router is going to keep the bad guys out by its design. Granted it's not a really high-end security solution, but most of the NAT routers out there today are pretty secure.

Having said that, I would set my firewall rules like this (should all be
on one line):

iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source 192.168.0.1

Save your settings by issuing the command:

service iptables save

Make sure that iptables will run next time your system boots:

chkconfig iptables on

Set your default route on the Linux firewall to be 192.168.0.1.

Turn routing on via /etc/sysctl.conf:

net.ipv4.ip_forward = 1

Then do

sysctl -e -p /etc/sysctl.conf

I think that's it.  Obviously, this is a very simple setup.  You can go
pretty crazy with iptables.

Holler if you need more info.

Thomas



Another thing he might try, he said he was looking for a GUI, is firestarter, if I'm reading him correctly. A simple GUI app that takes care of DHCP and firewalling and is intuitive and quick to set up.
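
A check of the on-disk state that the steps in Thomas's reply produce, as an added example that is not part of the original thread: it reads an iptables-save style dump (what `service iptables save` writes to /etc/sysconfig/iptables on Fedora) and a sysctl.conf style file. The function names, temporary files and sample file contents are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. File contents below are constructed.

# Print the --to-source address of the first nat/POSTROUTING SNAT rule whose
# -s value equals $2 (compared as text, exactly as written in the dump).
snat_source_for() {   # $1 = iptables-save style file, $2 = source network
    awk -v net="$2" '
        /^\*/ { table = substr($1, 2) }      # "*nat" / "*filter" section header
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" {
            src = ""; target = ""; to = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") target = $(i + 1)
                if ($i == "--to-source") to = $(i + 1)
            }
            if (src == net && target == "SNAT" && to != "") { print to; found = 1; exit }
        }
        END { exit !found }
    ' "$1"
}

# Succeed only if the last uncommented net.ipv4.ip_forward assignment is 1.
ip_forward_enabled() {   # $1 = sysctl.conf style file
    awk -F= '
        /^[ \t]*[#;]/ { next }
        { key = $1; val = $2; gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val) }
        key == "net.ipv4.ip_forward" { last = val }
        END { exit (last != "1") }
    ' "$1"
}

tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
RULES=$tmp/iptables SYSCTL=$tmp/sysctl.conf
cat > "$RULES" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source 192.168.0.1
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT
EOF
printf '#net.ipv4.ip_forward = 0\nnet.ipv4.ip_forward = 1\n' > "$SYSCTL"

if to=$(snat_source_for "$RULES" 192.168.1.0/24); then echo "SNAT to $to"; else echo "no SNAT rule"; fi
if ip_forward_enabled "$SYSCTL"; then echo "forwarding on"; else echo "forwarding off"; fi
```

The source network is matched as literal text, so pass it in the same form the dump uses.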

