Try out Iptables, it has better features than ipchains.
Enable IP forwarding between the interfaces - remember to disable this if you're going to unload the Iptables rules.
echo "1" > /proc/sys/net/ipv4/ip_forward
Load the NAT modules - needed only if you compiled as modules
modprobe iptable_nat
modprobe ip_nat_ftp (needed only if you plan on using FTP)
Enable IP masquerading - Use if your eth0 has a dynamic IP address.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Enable source NAT - Use if your eth0 has a static IP address.
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to ip_address_of_eth0
Pramod Krishna K wrote:
Hi ,I've got a small network in which my mailserver(sendmail),proxy(squid),webservers & Name servers are placed.I want to setup a firewall b/w the router & my LAN.Can anyone send in a ipchains firewall script which i can customize to my requirements to make it a secure network.Regards,Pramod
**************************Disclaimer************************************
Information contained in this E-MAIL being proprietary to Wipro Limited
is 'privileged' and 'confidential' and intended for use only by the
individual or entity to which it is addressed. You are notified that any
use, copying or dissemination of the information contained in the E-MAIL
in any manner whatsoever is strictly prohibited.
*****************************************************************************