Skip to main content

Thread: Iptables & NAT

-

hey.

trying configure server iptables nat (with overload, nat multiple local adresses 1 public address port numbers) local network(192.168.0.0) wan(83.151.x.x) network.

, been looking @ few guides, sytnax accomplish (to me) complex , easy misunderstand.
i'am here advice.

have found
code:
echo 1 > /proc/sys/net/ipv4/ip_forward
enable ipv4 package forwarding.

code:
iptables -f
flush existing rules in chains.

read default nat chain (that dosent show iptables --list), called nat. correct or have misunderstood something?
, iptables -f flush chain or u need execute
code:
iptables -t nat -f
by itself.

found following 2 lines configuring nat -> http://pastebin.com/fenbvczx
code:
# nat iptables -t nat -a postrouting -o eth0 -j masquerade iptables -a forward -i eth0 -o eth1 -m state --state related,established -j accept
can tell me
  1. whats postrouting does(cant find in iptables man or manual it). chain or option??
  2. whats masquerade? i've tried find on google does, dont clear answer.
  3. the above nat local wan can tell, saying in second line append forward chain -i (the inside local interface) ethx -o (the outside global interface) ethxx -m (unsure state after -m does) state --state state1,state2 -j accept, correct understood?

hope can me cast light on topic.

on advance.
kind regards.

yes, need flush nat table independent of others.

myself, prefer use snat instead of masquerade. preform function of nat (network address translation) packets somewhere in 192.168.0.0 network seem have come 83.151.x.x.

state matching module accepting packets part of existing connection. typically, allows reply packets sent out , way seperate packets want others.

postrouting (and prerouting) chain, sort of, not same sense others. typically, consulted "new" connections pathways established subsquent packet flow through iptables , connection tracking table. (my description little inaccurate, simplified).

reference: http://bodhizazen.net/tutorials/iptables/

other references:
http://tldp.org/howto/ip-masquerade-howto/index.html
http://www.frozentux.net/iptables-tu...-tutorial.html

careful, there great many obsolete "iptables how to"s out there.


Forum The Ubuntu Forum Community Ubuntu Official Flavours Support General Help [ubuntu] Iptables & NAT


Ubuntu

Comments

Post a Comment

Popular posts from this blog

Some mp4 files not displaying correctly (CS6)

-
Image
a week ago in premiere pro cs6 world. one day updated windows, next day few .mp4 video files opened in premiere pro, played fine well, except fact display has green (sometimes multicolour, solid green block) bars in lower third of screen. see screenshot below.   these same files open/display fine in after effects, photoshop , vlc- , quicktime players. i'd read fromyears ago windows updates causing this, removed 1 of therecent kb's no avail. i did install adobemediaencodertrial_64-6.0.3-mul-adobeupdate and dynamiclinkmediaserverretail-1.0.1-mul-adobeupdate and reverted quicktime 7.6 but nothing makes difference.   in end, formatted c:\, reinstalled windows 7 ultimate 64bit , downloaded/installed 260 updates , reinstalled cs6 (and aforementioned ame , dlms updates , qt7.6) it's still same problem.   also tried exporting (part of) 1 of these files, see if wasn't display problem: exported file same properties original has green bars.   what else can do?   thanks in advanc
Read more

Thread: Samba is not authenticating with LDAP

-
hello everyone. i've setup hp proliant server running ubuntu precise 64bit. have server running precise has openldap server running on it. i'm trying samba server authenticate ldap server users able log samba using ldap credentials. followed directions on site: http://raerek.blogspot.com/2012/05/s...sing-ldap.html http://raerek.blogspot.com/2012/05/s...g-ldap_28.html i'm using mac running mountain lion connected samba share when message: "check server name or ip address, , try again. if continue have problems, contact system administrator." when go /var/log/samba/log.workstation [2013/04/02 21:56:33.187358, 0] auth/check_samsec.c:491(check_sam_security) check_sam_security: make_server_info_sam() failed 'nt_status_unsuccessful' $ testparm load smb config files /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) minimum windows limit (16384) processing section "[oh-fileshare]&qu
Read more