I strongly suggest looking into "shorewall" as a "front end" for iptables. Makes life hell of a lot easier.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Steve Howard > Sent: Friday, July 04, 2003 8:13 AM > To: [EMAIL PROTECTED] > Subject: Re: RH9 home networking > > > Yes, why are you all making this so difficult? > > I use my machine exactly as you want to set up yours. > It is a RH9 machine that is > Firewall/Gateway/WebServer/FTPServer for my home network. The > Internet connection sharing is done with iptables forwarding > and masquerading packets. > > First you need to make sure that your network is setup > properly. Login as root. Edit the /etc/hosts file and make > sure that it contains information about any hosts that you > want on your network. You can "man hosts" to find out about > this file. Then edit the /etc/network file to show some of > the following if they apply: GATEWAYDEV=eth0, > HOSTNAME=hostname.whatever.whatever, > DOMAINNAME=whatever.whatever. Enable packet forwarding by > editing the /etc/sysctl.conf file, set net.ipv4.ip_forward > =1. Then add four rules to iptables by issuing the following > commands as root (You may want to make a copy of > /etc/sysconfig/iptables first.) > > /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > > /sbin/iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT > > /sbin/iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT > > /sbin/iptables -A FORWARD -s ! 192.168.1.0/24 -j DROP > > This is assuming that your Internet connection is at eth0 and > your private network is 192.168.1. > > Save the rules after you make sure they work by issuing > /sbin/iptables-save > /etc/sysconfig/iptables > > Now you can go to each machine on your private net and set > static IPs to the values you listed for them in the > /etc/hosts file and their gateway will be the static IP that > you gave eth1. You could set it up as a proxie and use DHCP > to set your networked machines IPs but that would be a > different e-mail. Bada Bing shared Internet connection > > To do it right it helps to have a good book. I recommend the > Redhat Bible (Negus), I don't know if the 9 version is out > yet, I'm still using the 8 version. > > If you want to set it up by clicking in a check box, get windows. > > PS. I'm sure that I left out alot, do the same as I did, buy > a book (I have five big fat Linux books). You will not ever > get everything you need to know from this list(or get windoze). > > Steve > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list