[CentOS] Setting up a simple NAT on CentOS 3.5
Bryan J. Smith
thebs413 at earthlink.net
Mon Dec 19 17:55:14 UTC 2005
Robert Moskowitz <rgm at htt-consult.com> wrote:
> Well I think this system is back on 3.5. How do I tell?
> Have not used it in a while...
cat /etc/redhat-release
> I need a NAT for some quick testing and this box was
> available. Only a 6gb drive, so I can't install Astaro
> (which I have licenses for).
> So is there a simple way to turn on NATing? Should I
> upgrade to 4.2?
Why would you upgrade to 4.2? NetFilter and the IPTables
interface has changed little since 2.4.
E.g., given a private network of 172.31/16, and an
Internet-face interface of eth2
/sbin/iptables -A POSTROUTING -t nat -s
172.31.0.0/255.255.0.0 -o eth2 -j MASQUERADE
echo "1" >> /proc/sys/net/ipv4/ip_forward
This also assumes you already have existing iptables rules
regarding ESTABLISHED,RELATED states and other firewall
rules.
> This box is behind a firewall, so security risks are not
> the issue. This time.
Is your firewall also doing NAT+PAT? If so, then I don't
recommend 2 layers of NAT+PAT -- especially not on a
corporate network.
--
Bryan J. Smith b.j.smith at ieee.org http://thebs413.blogspot.com
---------------------------------------------------------------
"On the basis of the American view, which may be right, the
success of the Iraqi political experiment is bound to provide
a model to be emulated in Syria and in the various countries
neighbouring Iraq" -- Nur-Al-Din, Al-Safir (Lebanon Periocial)
More information about the CentOS
mailing list