IPTables, combine with IP Forwarding feature of Linux, can be configured for creating static nat. This post will give example configuration to have static nat in Linux machine.
1. Load nat module.
Execute this command., and add this command in /etc/rc.local file so that this command will be executed every reboot.
modprobe iptable_nat
2. Enable IP Forwarding. This command will enable ip forwarding in Linux machine.
echo 1 > /proc/sys/net/ipv4/ip_forward
You can edit /etc/sysctl.conf and uncomment his line,
#net.ipv4.ip_forward=1
To be like this
net.ipv4.ip_forward=1
So that it will have value 1, mean that ip forwarding si enable.
3. Creating IPTables rule.
There are two nat, nat for source address (your home server), using POSTROUTING, nat for destination address (internet server), using PREROUTING.
For example, if you want nat your local server, 192.168.1.1, with public address 201.1.1.1, you have to configure POSTROUTING.
Configure static nat for local server to public ip,
iptables -t nat -A POSTROUTING -s 192.168.1.1 -o eth0 -j SNAT --to-source 201.1.1.1
Allow forwarding snat connection from local server,
iptables -A FORWARD -t filter -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Save your configuration in your iptables script.
Linux Home Networking (http://www.linuxhomenetworking.com/) can be your source for Linux networking related.
[11:19 AM
|
0
comments
]
0 comments
Post a Comment