linux-packet-forwarding
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| linux-packet-forwarding [2018/02/11 17:42] – baumi | linux-packet-forwarding [2022/01/29 11:27] (current) – [Basic outgoing masquerding script] baumi | ||
|---|---|---|---|
| Line 10: | Line 10: | ||
| ext_if=eth0 | ext_if=eth0 | ||
| ext_ip=$(ip address show $ext_if | awk -F "[ /]" '/inet / { print $6 }') | ext_ip=$(ip address show $ext_if | awk -F "[ /]" '/inet / { print $6 }') | ||
| - | | ||
| # Turn off forwarding | # Turn off forwarding | ||
| echo 0 > / | echo 0 > / | ||
| - | # Flush NAT rules | + | # Create NAT rule |
| - | iptables -t nat -F POSTROUTING | + | iptables -t nat -I POSTROUTING -s $network -o $ext_if -j SNAT --to-source $ext_ip |
| - | # Create NAT rules | + | # Create FW rules to allow traffic |
| - | iptables -t nat -A POSTROUTING -s $network -o $ext_if -j SNAT --to-source $ext_ip | + | iptables -I FORWARD -s $network -j ACCEPT |
| + | iptables -I FORWARD -m conntrack --ctstate ESTABLISHED -j ACCEPT | ||
| # Turn on forwarding | # Turn on forwarding | ||
| echo 1 > / | echo 1 > / | ||
linux-packet-forwarding.1518367352.txt.gz · Last modified: 2018/02/11 17:42 by baumi