Peter Peltonen
2009-Aug-30 18:47 UTC
[CentOS] setup iptables to allow forwarding through eth1
I have a fresh installed CentOS 5.3 server which should route traffic between two networks like this: network A (Internet) -- eth0 (default gw) : server : eth1 -- network B (LAN) I have set in sysctl.conf net.ipv4.ip_forward = 1 and routing works fine like this. But when I switch on the iptables service (with default setup, configured when installing the server), routing stops working (or at least I cannot ping a server in network A from network B). I guess the firewall is stopping it, so I read http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s1-firewall-ipt-fwd.html and issued the commands # iptables -A FORWARD -i eth1 -j ACCEPT # iptables -A FORWARD -o eth1 -j ACCEPT but that did not help. So I am asking: what is the correct iptables command to make forwarding work? Regards, Peter
Hodja Nasredin
2009-Aug-30 21:03 UTC
[CentOS] setup iptables to allow forwarding through eth1
Hi, did you try: iptables -I FORWARD 1 -i eth1 -j ACCEPT iptables -I FORWARD 1 -o eth1 -j ACCEPT ?? On 30.8.2009, at 20:47, Peter Peltonen wrote:> I have a fresh installed CentOS 5.3 server which should route traffic > between two networks like this: > > network A (Internet) -- eth0 (default gw) : server : eth1 -- network > B (LAN) > > I have set in sysctl.conf > > net.ipv4.ip_forward = 1 > > and routing works fine like this. But when I switch on the iptables > service (with default setup, configured when installing the server), > routing stops working (or at least I cannot ping a server in network A > from network B). I guess the firewall is stopping it, so I read > > http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s1-firewall-ipt-fwd.html > > and issued the commands > > # iptables -A FORWARD -i eth1 -j ACCEPT > # iptables -A FORWARD -o eth1 -j ACCEPT > > but that did not help. > > So I am asking: what is the correct iptables command to make > forwarding work? > > Regards, > Peter > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centosHodja Nasredin nasredin at sutra.cz
Fitrah Elly Firdaus
2009-Aug-30 23:31 UTC
[CentOS] setup iptables to allow forwarding through eth1
Peter Peltonen wrote:> I have a fresh installed CentOS 5.3 server which should route traffic > between two networks like this: > > network A (Internet) -- eth0 (default gw) : server : eth1 -- network B (LAN) > > I have set in sysctl.conf > > net.ipv4.ip_forward = 1 > > and routing works fine like this. But when I switch on the iptables > service (with default setup, configured when installing the server), > routing stops working (or at least I cannot ping a server in network A > from network B). I guess the firewall is stopping it, so I read > > http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s1-firewall-ipt-fwd.html > > and issued the commands > > # iptables -A FORWARD -i eth1 -j ACCEPT > # iptables -A FORWARD -o eth1 -j ACCEPT > > but that did not help. > > So I am asking: what is the correct iptables command to make forwarding work? > > Regards, > Peter > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > >my iptables like that: * iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE * iptables --append FORWARD --in-interface eth1 -j ACCEPT Regards Firdaus i'm come from indonesia. :) -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20090831/6fab9a48/attachment-0002.html>