[H-GEN] Help with Masquerading, linux dialup to the net, then windows boxs hanging off the linux box
Sarah Hollings
sarah at humanfactors.uq.edu.au
Wed Mar 19 07:23:49 EST 2003
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
t wrote:
> [ Humbug *General* list - semi-serious discussions about Humbug and ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
> Hi
>
> I have a dial up connection and want to use linux to connect to the net,
> then have windows
> boxs hanging off it. I just looked at the
> "Masquerading Made Simple HOWTO"
>
> and it says to do the following
>
> modprobe ipt_MASQUERADE # If this fails, try continuing anyway
> iptables -F; iptables -t nat -F; iptables -t mangle -F
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A INPUT -m state --state NEW -i ! ppp0 -j ACCEPT
> iptables -P INPUT DROP #only if the first two are succesful
> iptables -A FORWARD -i ppp0 -o ppp0 -j REJECT
>
> Before I do it, do you think it is very secure? All I want to be able to do
> through the
> linux box from the windows machines at the moment is to surf the net,
> collect/send mail
> and ssh out(I dont want to be able to ssh to this box from the net). What
> do I need to
> add to allow only the services to/from the net.
>
> Thanks for your help
>
> Tony
>
>
>
>
> --
> * This is list (humbug) general handled by majordomo at lists.humbug.org.au .
> * Postings to this list are only accepted from subscribed addresses of
> * lists 'general' or 'general-post'. See http://www.humbug.org.au/
Consider using the "firestarter" utility ( on sourceforge ) - will
quickly set up all that you need for the above
Rgds,
Sarah H
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list