On Sun, 24 Nov 2002 [EMAIL PROTECTED] wrote: > Mike Burger wrote: > > > > > Hello > > > > > > > > > > So, do you means I can setup the NAT like this ? > > > > > iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE > > > > > > > > > > Thank for your help ! > > > > > > > > The short answer to the question above is yes. > > > > > > > > Note...if you just want to masquerade (as your line will do...not really > > > > NAT), you don't even need the "-s 192.168.0.0/24" listed in the line. > > > > > > > > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > > > > > > > > Will work just as well. > > > > > > If remove "-s 192.168.0.0/24", then the iptables how to range ip address for the > > > clients connect to Internet ? > > > > Are you trying to restrict who can and can't access the net? > > > > If you're allowing everyone on your internal network to access the > > internet, you don't have to specify a range. > > If needn't to specify a range, then the clients connect to the Internet with what IP > address ( Class A / B / C ) ?
It matters not. If the client PCs are behind the firewall, they need only have the firewall's IP set up as their default gateway. -- Mike Burger http://www.bubbanfriends.org Visit the Dog Pound II BBS telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000 -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
