Yeah the NAT table is in the iptables. Test these rules: iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth1 -j SNAT --to-source outside_address iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.0 -j MASQUERADE
These should work. -----Original Message----- From: Ken Plumley [mailto:[EMAIL PROTECTED] Sent: Saturday, August 09, 2003 4:14 PM To: [EMAIL PROTECTED] Subject: RE: Firewall / Internet Gateway Config Fails Jason, Ok I will set GATEWAYDEV=eth0 I replaced an existing RH 6.2 firewall/gateway machine with the new RH 8.0 machine. The new machine has the same name and IP number that the old machine did so all the machines on the lan are already configured to point to the new firewall/gateway. Are NAT rules the firewall rules? I shutdown the iptables firewall before I started testing but the lan clients still can not reach the internet. Ken --- Jason Staudenmayer <[EMAIL PROTECTED]> wrote: > The first way is right. You have to set up NAT rules > and set the gateways on > your clients to point to your > router/gateway/firewall > > -----Original Message----- > From: Ken Plumley [mailto:[EMAIL PROTECTED] > Sent: Saturday, August 09, 2003 3:37 PM > To: Redhat List > Subject: Firewall / Internet Gateway Config Fails > > > I am trying to configure a red hat linux 8.0 > combination firewall/internet gateway that serves a > LAN. > > eth0 is used with dhcp to reach the internet through > a > cable modem. > > eth1 is used with a static IP to reach the LAN. > > With the GATEWAYDEV set to eth0 the machine can > reach > the internet and the lan at the same time but will > not > provide access from the lan to the internet. > > With the GATEWAYDEV set to eth1, as I think it > should > be, the machine can NOT reach the internet but can > reach the lan. > > What am I configuring wrong? > > Any help would be much appreciated. > > Thanks, > > Ken > > Below are the network file configurations: > > File: > /etc/sysconfig/network > > NETWORKING=yes > HOSTNAME=firewallgate > FORWARD_IPV4="yes" > GATEWAYDEV=eth1 > GATEWAY=0.0.0.0 > > > File: > /etc/sysconfig/networking/devices/ifcfg-eth0 > > USERCTL=yes > PEERDNS=yes > TYPE=Ethernet > DEVICE=eth0 > BOOTPROTO=dhcp > ONBOOT=yes > HWADDR=(The HWADDR is correct) > > > File: > /etc/sysconfig/networking/devices/ifcfg-eth1 > > USERCTL=yes > PEERDNS=no > TYPE=Ethernet > DEVICE=eth1 > HWADDR=(The HWADDR is correct) > BOOTPROTO=none > NETMASK=255.255.255.0 > ONBOOT=yes > IPADDR=192.168.1.3 > NETWORK=192.168.1.0 > BROADCAST=192.168.1.255 > GATEWAY=0.0.0.0 > > > File: > /etc/sysconfig/networking/devices/eth0-route > > GATEWAY0=0.0.0.0 > NETMASK0=0.0.0.0 > ADDRESS0=0.0.0.0 > > > File: > /etc/sysconfig/networking/devices/eth1-route > > GATEWAY0=0.0.0.0 > NETMASK0=255.255.255.255 > ADDRESS0=192.168.1.3 > > > > __________________________________ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site > design software > http://sitebuilder.yahoo.com > > > -- > redhat-list mailing list > unsubscribe > mailto:[EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/redhat-list > > > -- > redhat-list mailing list > unsubscribe > mailto:[EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/redhat-list __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
