Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

which iptables command to run firefox behind a linux router?

Posted on 2006-04-09
8
Medium Priority
?
346 Views
Last Modified: 2013-11-29
one of my PC is a linux router. its name is 'rato'. the ip adress of the router are :
192.168.3.4, 192.168.4.4, 192.168.5.4, 192.168.6.4, 192.168.6.4,192.168.9.4
on this router, 'route' give:
[root@rato etc]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.6.0     0.0.0.0         255.255.255.0   U     0      0        0 eth3
192.168.5.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.4.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.9.0     0.0.0.0         255.255.255.0   U     0      0        0 eth6
0.0.0.0         192.168.3.3     0.0.0.0         UG    0      0        0 eth0
on this router, 'iptables' give:
[root@rato etc]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@rato etc]#
on the router 'rato', I can run firefox and acces to internet thru adsl thru the net 192.168.3.0.
I would like to be able to access to internet thru firefox on any pc of the net 192.168.5.0
what are the iptables commands to be able to run firefox from any pc of the 192.168.5.0?
for instance, I want to run firefox on the 192.168.5.162 ? which iptable should I type on the router?


0
Comment
Question by:gdmo
  • 4
  • 2
6 Comments
 
LVL 2

Expert Comment

by:mianni
ID: 16418123
How do you actually exit your network to reach the internet ?
As all of your interfaces are (RFC1918), there is no internet connection.

All the same check the config file:

cd /etc/sysconfig/iptables
0
 
LVL 2

Expert Comment

by:mianni
ID: 16418167
Actually I just noticed, your default gateway is 192.168.3.3 !!!
Then you will probably need to check that ip_forwarding is turned on and also check the file I mentioned above.
Another thing will be routing back to your rato firewall, either on the router 192.168.3.3 you will need to route the other subnets back or you will need to configure masquerading.
0
 

Author Comment

by:gdmo
ID: 16419634
Yes, the gateway 192.168.3.3 is a adsl modem-router. But, for some reasons, I want to use un linux router and not a adsl modem-router. The reasons are that I want to have separate subnets.
As far as I know, to configure masquerading, I will need to configure iptables on the 'rato' router. As I have not yet used iptables, I have not yet well understood iptables. I would like than somebody say which command iptables are to be used.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 2

Expert Comment

by:mianni
ID: 16428210
check out this link:
http://www.siliconvalleyccie.com/linux-hn/iptables-intro.htm

you will need to work out exactly what you want to do with the traffic and then apply it into a file.
If you want further information explain in detail what you want to achieve eg: source destination traffic flows, who sees who, etc..
0
 

Author Comment

by:gdmo
ID: 16442968
I know exactly the result that I expect to obtain. But, unfortunately, I do not know the iptables commands I must write to obtain what I want.  I just want that a pc under linux whom ip adress is 192.168.5.162 could acces web by firefox.
0
 
LVL 2

Accepted Solution

by:
mianni earned 200 total points
ID: 16447344
You don't actually need to run iptables for you to browse the internet.
1. turn on ip_forwarding
2. set routes on your adsl router for subnets (192.168.4.0, 192.168.5.0, 192.168.6.0, 192.168.6.0,192.168.9.0) via 192.168.3.4

All your traffic will go through RATO as it now acts as a router.

If you wish to setup iptables fIrewall, then I suggest you have a good read of the link above.

For a quick fix you can check out this sample iptables file and modify as required:

http://www.liniac.upenn.edu/sysadmin/security/iptables.html
 
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question