l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
April 21: Google Glass
Next Installfest:
TBD
Latest News:
Mar. 18: Google Glass at LUGOD's April meeting
Page last updated:
2001 Dec 30 17:08

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Linux backup tutorial
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Linux backup tutorial



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi there,

Recently I play with iptables and try to make ip masquerade work
on my firewall. I copied and modified the script slightly as HOWTO,
but when I try to ping or connect the external network from internal
network, it always tells me that external ip is unreachable. Would
you mind help me check my script? Thanks a lot!!!!

#!/bin/sh

# external network interface: eth0
EXTINF=eth0
EXTIP=169.237.74.8
# internal network interface: eth1
INTINF=eth1
INTIP=192.168.30.1

IPTABLES=/sbin/iptables

/sbin/depmod -a
/sbin/modprobe ipt_MASQUERADE
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_conntrack_ftp

echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr

"$IPTABLES" -F

echo "  - Resetting the firewall policy and flush all rules"
"$IPTABLES" -P INPUT ACCEPT
"$IPTABLES" -F INPUT
"$IPTABLES" -P OUTPUT ACCEPT
"$IPTABLES" -F OUTPUT
"$IPTABLES" -P FORWARD DROP
"$IPTABLES" -F FORWARD

echo "  - Forward: allow all connection OUT and existing connection IN"
"$IPTABLES" -A FORWARD -i "$EXTINF" -o "$INTINF" -m state --state ESTABLISHED,RELATED -j ACCEPT
"$IPTABLES" -A FORWARD -i "$INTINF" -o "$EXTINF" -j ACCEPT
"$IPTABLES" -A FORWARD -j LOG

echo "  - Enable SNAT (Masquerade)"
"$IPTABLES" -t nat -A POSTROUTING -o "$EXTINF" -j SNAT
#"$IPTABLES" -t nat -A POSTROUTING -o "$EXTINF" -j MASQUERADE

"$IPTABLES" -L

Jimmy
____________________________________________________________
Jingmin (Jimmy) Zhou
E-mail : jimmyzhou@bigfoot.com         ICQ : 19587415

The future is not set.  There is no fate but what we make
for ourselves.             - Terminator II, Judgement Day
____________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (IRIX)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjt6/BIACgkQZ1kuLJJ1tnLhQACgtUn0wYh4UAOY+bzehvh0fx73
AfYAoM6pLhUydx6IGD2WbCF3L8kTT9sN
=4yNX
-----END PGP SIGNATURE-----


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!