By default, whether or not the firewall and SELinux are switched on, traffic will NOT be routed between two network cards in a Red Hat box, because IP forwarding is off in the kernel. You need to set the machine up as a router manually.
To make the machine act as a router, you need to enable IP forwarding and add some policies to iptables. Put the line below in /etc/sysctl.conf so it survives a reboot, then run sysctl -p to apply it (sysctl -w net.ipv4.ip_forward=1 switches it on immediately):
/etc/sysctl.conf: net.ipv4.ip_forward=1
iptables -A FORWARD -i eth1 -j ACCEPT (allow packets arriving on eth1, the LAN side, to be forwarded)
iptables -A FORWARD -o eth1 -j ACCEPT (allow packets leaving through eth1 to be forwarded)
Note that this pair forwards anything in either direction, including connections started from the eth0 side towards the LAN. A tighter pair allows forwarding from eth1 out to eth0 and only replies back in (-m state --state ESTABLISHED,RELATED on the eth0-to-eth1 rule), with the FORWARD chain policy set to DROP.
Then add the MASQUERADE rule below. Rather than editing the /etc/init.d/iptables init script itself, run the rules and then save them with service iptables save, which writes the live ruleset to /etc/sysconfig/iptables, the file the init script loads at boot:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
This masks requests from LAN nodes with the IP of eth0, the Internet-facing interface.
Note: the MASQUERADE rule does not show up in /sbin/iptables -L because that command lists only the filter table; use /sbin/iptables -t nat -L to see the nat table.
In the example above eth0 is the Internet side and eth1 is the private LAN: the MASQUERADE rule goes on the interface that faces the Internet, and the FORWARD rules on the LAN interface.
On the Red Hat box, set the default gateway to point at the DNS/Internet router upstream of eth0.
To test packet forwarding from a client on the private LAN, set the client's default gateway to the eth1 address of the Red Hat box.
On Linux, check operation with tcpdump. Capture port 80 traffic on eth0 to a file (options go before the filter expression; -X has no effect while writing to a file): /usr/sbin/tcpdump -i eth0 -w filename port 80
Then decode the capture, printing each packet in hex and ASCII: /usr/sbin/tcpdump -r filename -X port 80
If masquerading is working, the forwarded requests seen on eth0 carry eth0's address as their source rather than the LAN client's.
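The whole procedure above, scripted as an added example. This is not the original post's code: it tightens the post's two FORWARD rules into a stateful pair so only connections started from the LAN are forwarded, and it puts every privileged command behind a dry-run switch so the ruleset can be reviewed without root. It assumes eth0 faces the Internet, eth1 faces the LAN, a 192.168.1.0/24 LAN subnet, and the RHEL 5/6 "service iptables save" persistence mechanism; all four are assumptions to adjust for the box in hand.

```shell
#!/bin/bash
# Added example (not from the original post): turn a two-NIC Red Hat box
# into a NAT router. Interface names, the LAN subnet and the RHEL 5/6
# "service iptables save" step are assumptions; adjust them to the box.
WAN_IF="${WAN_IF:-eth0}"               # Internet-facing NIC (assumed eth0)
LAN_IF="${LAN_IF:-eth1}"               # private LAN NIC (assumed eth1)
LAN_NET="${LAN_NET:-192.168.1.0/24}"   # assumed private subnet behind LAN_IF

# Every privileged command goes through run(): with DRY_RUN=1 the command
# is printed instead of executed, so the ruleset can be reviewed as a
# normal user before it is applied as root.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

enable_forwarding() {
    # Turn forwarding on now, and persist it in /etc/sysctl.conf for reboots.
    run sysctl -w net.ipv4.ip_forward=1
    if grep -q '^net\.ipv4\.ip_forward' /etc/sysctl.conf 2>/dev/null; then
        run sed -i 's/^net\.ipv4\.ip_forward.*/net.ipv4.ip_forward = 1/' /etc/sysctl.conf
    else
        run sh -c "echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf"
    fi
}

router_rules() {
    # Filter table. The post's "-i eth1 ACCEPT" / "-o eth1 ACCEPT" pair
    # forwards anything in either direction; this variant drops by default,
    # forwards only traffic the LAN originates, and lets the replies back in.
    # The FORWARD chain is flushed first so re-running does not duplicate rules.
    run iptables -P FORWARD DROP
    run iptables -F FORWARD
    run iptables -A FORWARD -i "$LAN_IF" -s "$LAN_NET" -o "$WAN_IF" -j ACCEPT
    run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
    # NAT table: rewrite LAN sources to WAN_IF's address on the way out.
    run iptables -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_NET" -j MASQUERADE
}

persist_rules() {
    # RHEL 5/6 assumption: writes the live ruleset to /etc/sysconfig/iptables,
    # which the iptables init script reloads at boot.
    run service iptables save
}

verify() {
    run sysctl net.ipv4.ip_forward
    run iptables -L FORWARD -n -v
    # MASQUERADE lives in the nat table, so plain "iptables -L" never shows it.
    run iptables -t nat -L POSTROUTING -n -v
}

case "${1:-}" in
    apply) enable_forwarding; router_rules; persist_rules; verify ;;
    show)  DRY_RUN=1; enable_forwarding; router_rules; persist_rules; verify ;;
esac
```

Run it as ./make-router.sh show first to read the exact commands it would issue, then sudo ./make-router.sh apply. After that, test from a LAN client whose default gateway is the box's eth1 address and confirm with tcpdump on eth0 that the forwarded packets leave with eth0's source address.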
Regards
Chris