Search This Blog

Wednesday, June 22, 2011

Re: iptables

"Manu" <manuliste@manu-dpk.net> writes:

> Hello,
> I'm French, I'm sorry for my bad english.
> I'm a beginner debian user.
> In my home network, I have a linux machine with debian6.
> My debian has to do dhcp server with isc-server.
> I have 2 network card, eth0 = public Ip (adsl modem)
> eth1 = lan.
> My dhcp server runs.
> But I can't connect to internet with pc's.
> Description :
>
> network : 10.20.30.0
> mask : 255.255.255.0
> Windows server: 10.20.30.2
> Linux server (Debian6) : 10.20.30.1 (DHCP a nd gateway to wan)
> Accesspoint Wifi : 10.20.30.3
> NAS server : 10.20.30.4
> MAO PC: 10.20.30.5
> laptop : 10.20.30.6
> IP phone : 10.20.30.7, 10.20.30.8, 10.20.30.9
> I can connect to lan machines but not to wan.
>
> cat /proc/sys/net/ipv4/ip_forward is 1
>
> What are routes I have to create with route command ?
> How can I routed 80 port to 10.20.30.1 with iptables ?
> thank you for your help !

Have you tried shorewall? It has sufficient documentation and should
make it pretty easy to achieve the setup you need, with the added
benefit of providing a fully featured firewall.

Setting up a firewall is probably much better than connecting your
networks to the internet directly without one through your ADSL
modem. It will also help you to redirect some traffic on port 80 to
10.20.30.1 and to do the neccessary masquerading.

However, I would start with setting up a name server for your networks
if you´ve not already done so.

> --------------------------------------------------------------------------------
>
> AMICALEMENT
> Manu
>
> SITES WEBS
> Mon site web Officiel (Manu-dpk.net)
> Ecoutez Radio DPK
>
> CONTACT
> - E-mail : manuliste@manu-dpk.net
> - Messenger (WLM) : msn@manu-dpk.net
> - Skype : manu-dpk
>
>
>
> --------------------------------------------------------------------------------
>
>
> PS : Pour le respect de l'environnnement, n'imprimez ce mail qu'en cas de nécessité.

Can you please use the standard seperator ("-- ") for your signature and
refrain from posting HTML messages?


--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/87hb7hk1ww.fsf@yun.yagibdah.de

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)