Mailinglist Archive: opensuse (3666 mails)

< Previous Next >
Re: [SLE] routing / forwarding ergent help
  • From: Sandy Drobic <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 14 Mar 2005 12:52:30 +0100
  • Message-id: <42357AFE.2090706@xxxxxxxxxxxxxxxxxxxxxxx>
Mohammad Fattahian wrote:

Hi sandy;

Thanks for your reply. Is it the whole of things that I needed?

I've done : ... echo "1" > /proc/sys/net/ipv4/ip_forward

That setting tells the box that forwarding packets betwenn the different interfaces is allowed, the basic requirement for a router.

iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

This setting expands and says "accept the connections my network has initiated.

Forgot the last basic setting:
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

This rule tells the box to forward anything it receives on interface eth0 to eth1. Basically this is the rule that makes it possible for the internal network to use the box to access the internet.

Please don't forget to set up the dns resolution in /etc/resolv.conf on the clients in the internal network. Otherwise they won't be able to resolv names to ip addresses.

Also note that this only provides basic access to the internet, no security for the clients beside the Network Address Translation at all!

Sandy

PS: Please direct your answers to the list and not my address. Others might benefit from the discussion as well and I do read the list. (^-^)

< Previous Next >
This Thread
  • No further messages