[CentOS] Iptables masq traffic limiting
Joseph L. Casale
JCasale at activenetwerx.com
Fri Aug 29 21:26:11 UTC 2008
Where is the correct place to control what traffic is masq'ed out?
This is what I have, but I was told the Forward chain isn't the right place to do this?
iptables -A POSTROUTING -t nat -o $WAN -j MASQUERADE
iptables -A FORWARD -i $WAN -o $LAN -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $LAN -o $WAN -m state --state NEW,ESTABLISHED,RELATED -p tcp -m multiport --dports 80,443 -j ACCEPT
So which table is the theoretically correct place to add all the ports/services
I would want masq'ed out for internal clients?
More information about the CentOS