Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

• To: EMAIL:PROTECTED
• Subject: [MLUG - DISCUSSION] IPTABLES - Router help
• From: Brandon West <EMAIL:PROTECTED>
• Date: Mon, 5 Mar 2007 13:45:09 -0600 (CST)
• Delivery-date: Mon, 05 Mar 2007 13:45:25 -0600
• Envelope-to: EMAIL:PROTECTED
• Reply-to: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
• Sender: EMAIL:PROTECTED

---

A re-send. I don't think it went through the first times. Sorry in advance for a duplicate.

I knew how to configure a router via ipchains, but haven't used iptables in the same manner to do this.

This is my setup: eth0 192.168.0.1
		  eth1 192.168.1.1

I have comptuers on the "0" subnet as well as the "1" subnet. So I need to get linux to route the packets to/from the client 192.168.1.10 to the server on 192.168.0.10.

For example what I'd do in the past is this:
ipchains -I forward -j ACCEPT -s 192.168.1.0/24 -d  192.168.0.0/24 -b

That would allow the linux box to then allow data to be moved across the two different subnets.

While this is a simple example of what I need to do, in reality, I have 4 subnets that need to be routed, say 192.168.0.0, 192.168.1.0, 192.168.2.0 and 192.168.3.0.

So my ipchains commands to route this network would be:
#routes from 0 to 1
ipchains -I forward -j ACCEPT -s 192.168.0.0/24 -d  192.168.1.0/24 -b
#routes from 0 to 2
ipchains -I forward -j ACCEPT -s 192.168.0.0/24 -d  192.168.2.0/24 -b
#routes from 0 to 3
ipchains -I forward -j ACCEPT -s 192.168.0.0/24 -d  192.168.3.0/24 -b
#routes from 1 to 2
ipchains -I forward -j ACCEPT -s 192.168.1.0/24 -d  192.168.2.0/24 -b
#routes from 1 to 3
ipchains -I forward -j ACCEPT -s 192.168.1.0/24 -d  192.168.3.0/24 -b
#routes from 2 to 3
ipchains -I forward -j ACCEPT -s 192.168.2.0/24 -d  192.168.3.0/24 -b

Thus the above example allows all the subnets to talk to eachother.

Then back in the day of ipchains I used to setup a script of some sort with the above info in it, so that when you rebooted your router would work. Is there a way to write this to the default table upon boot?

Thanks in advance,

Brandon

PS, I only need to know how to use iptables in the first example, I can figure out everything else from there.

_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion

---

• Follow-Ups:
  • Re: [MLUG - DISCUSSION] IPTABLES - Router help
    • From: George Robb <EMAIL:PROTECTED>

• Prev by Date: RE: [MLUG - DISCUSSION] Al Gore's home
• Next by Date: Re: [MLUG - DISCUSSION] Al Gore's home
• Previous by thread: [MLUG - DISCUSSION] IPTABLES - Router help
• Next by thread: Re: [MLUG - DISCUSSION] IPTABLES - Router help
• Index(es):
  • Date
  • Thread