Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
- To: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
- Subject: Re: [MLUG - DISCUSSION] IPTABLES - Router help
- From: George Robb <EMAIL:PROTECTED>
- Date: Mon, 5 Mar 2007 17:30:11 -0600
- Delivery-date: Mon, 05 Mar 2007 17:30:32 -0600
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:from:subject:date:to:x-mailer; b=sNsj/q38ATgsERC5WsO+X1dJxsi9MbgR4HIekIdnbEKBUkaxShcMU9njyG3mMoIqkVZhF+4/AygQW4/65VjhHpTzw69Y9SFszPJQCvjuQc6YuDPXhAu0FID9WhFKcstc1+mr2CmrPAuBnSArSjX9APiYsKNKn42W3JpDNqaachU=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:from:subject:date:to:x-mailer; b=RjPPpytqXP+L4WooTVG2pz17Kz+Bt6Fvf/t5y7Fv1xFY2hi+u13yKD1NZSCUat64RS8JX5SOzdfyLuMdD9j5RNYfborqZ6vzVtEwbh6Fw/z32lFo4e79P3Gwk+q3we1diAg/0hbzM0xh23l2U2S/ytBd+FhiTCbeoFRzoX5ZeSw=
- Envelope-to: EMAIL:PROTECTED
- In-reply-to: <EMAIL:PROTECTED>
- References: <EMAIL:PROTECTED>
- Reply-to: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
- Sender: EMAIL:PROTECTED
I was sure someone would beat me to this.
I'm using Gentoo and have a setup darn near identical to this:
http://www.gentoo.org/doc/en/home-router-howto.xml
Only difference is that I'm using it to be a bridge for my wireless
network in the house to a wired network out in the garage... (yea,
yea, I'm lazy for not stringing some cat-5 but, it works and it is a
P.O.S. laptop that I don't care if it gets destroyed.) ;)
The iptables instructions are very well written in my opinion take a
look at code listing 5.2.
Hope this helps,
George
On Mar 5, 2007, at 1:45 PM, Brandon West wrote:
A re-send. I don't think it went through the first times. Sorry in
advance for a duplicate.
I knew how to configure a router via ipchains, but haven't used
iptables in the same manner to do this.
This is my setup: eth0 192.168.0.1
eth1 192.168.1.1
I have comptuers on the "0" subnet as well as the "1" subnet. So I
need to get linux to route the packets to/from the client
192.168.1.10 to the server on 192.168.0.10.
For example what I'd do in the past is this:
ipchains -I forward -j ACCEPT -s 192.168.1.0/24 -d 192.168.0.0/24 -b
That would allow the linux box to then allow data to be moved
across the two different subnets.
While this is a simple example of what I need to do, in reality, I
have 4 subnets that need to be routed, say 192.168.0.0,
192.168.1.0, 192.168.2.0 and 192.168.3.0.
So my ipchains commands to route this network would be:
#routes from 0 to 1
ipchains -I forward -j ACCEPT -s 192.168.0.0/24 -d 192.168.1.0/24 -b
#routes from 0 to 2
ipchains -I forward -j ACCEPT -s 192.168.0.0/24 -d 192.168.2.0/24 -b
#routes from 0 to 3
ipchains -I forward -j ACCEPT -s 192.168.0.0/24 -d 192.168.3.0/24 -b
#routes from 1 to 2
ipchains -I forward -j ACCEPT -s 192.168.1.0/24 -d 192.168.2.0/24 -b
#routes from 1 to 3
ipchains -I forward -j ACCEPT -s 192.168.1.0/24 -d 192.168.3.0/24 -b
#routes from 2 to 3
ipchains -I forward -j ACCEPT -s 192.168.2.0/24 -d 192.168.3.0/24 -b
Thus the above example allows all the subnets to talk to eachother.
Then back in the day of ipchains I used to setup a script of some
sort with the above info in it, so that when you rebooted your
router would work. Is there a way to write this to the default
table upon boot?
Thanks in advance,
Brandon
PS, I only need to know how to use iptables in the first example, I
can figure out everything else from there.
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact