intreeg
asked on
What is the minimum command set to enable NAT on a linux box using iptables and a cable modem.
On a linux box with eth0 configured for 192.168.111.254/24 and eth1 connected to a cable modem (DHCP), is this the minimum command set to enable NAT and allow the machines on 192.168.111.0/24 to connect to the internet? (Kern = 2.6.9)
$> modprobe ipt_MASQUERADE
$> iptables -F; iptables -t nat -F; iptables -t mangle -F
$> iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
$> echo 1 > /proc/sys/net/ipv4/ip_forw
$> modprobe ipt_MASQUERADE
$> iptables -F; iptables -t nat -F; iptables -t mangle -F
$> iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
$> echo 1 > /proc/sys/net/ipv4/ip_forw
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It appears that you are both right in your own ways. It is not the minimum Wesly; paranoidcookie did post the minimum, one less command. The flushing command iptables -F; iptables -t nat -F; iptables -t mangle -F
It turns out that paranoidcookie, was also right about a problem I was having and had not even mentioned on in this post. I had originally posted another question about why NAT was not working and gave a full description of the problem etc. I created this post so that I could create a generic "default.conf" for my firewall rules. This way I know that I have only what is absolutley need to make it work and verifies that any problem I am having is in my iptables somewhere. As it turns out, SuSEfirewall was not totaly disabled; after double checking my service settings and disabling all 3(!) entires for SuSEfirewall and rebooting, my firewall is now working with the command set I originally posted.
I am increasing the points and will split them between you two. Thanks for the input!