notiz:iptables-nat
iptables NAT
#! /bin/bash IPTABLES=/sbin/iptables WANIF='ens18' LANIF='ens19' # enable ip forwarding in the kernel echo 'Enabling Kernel IP forwarding...' /bin/echo 1 > /proc/sys/net/ipv4/ip_forward # flush rules and delete chains echo 'Flushing rules and deleting existing chains...' $IPTABLES -F $IPTABLES -X # enable masquerading to allow LAN internet access echo 'Enabling IP Masquerading and other rules...' $IPTABLES -t nat -A POSTROUTING -o $LANIF -j MASQUERADE $IPTABLES -A FORWARD -i $LANIF -o $WANIF -m state --state RELATED,ESTABLISHED -j ACCEPT $IPTABLES -A FORWARD -i $WANIF -o $LANIF -j ACCEPT $IPTABLES -t nat -A POSTROUTING -o $WANIF -j MASQUERADE $IPTABLES -A FORWARD -i $WANIF -o $LANIF -m state --state RELATED,ESTABLISHED -j ACCEPT $IPTABLES -A FORWARD -i $LANIF -o $WANIF -j ACCEPT echo 'Done.'
iptables persistieren wir unter iptables speichern
- /etc/network/if-pre-up.d/ipforward
echo 1 > /proc/sys/net/ipv4/ip_forward
chmod +x /etc/network/if-pre-up.d/ipforward
notiz/iptables-nat.txt · Zuletzt geändert: 2020/02/21 20:10 von clerie