Wednesday 30 October 2013

Linux - Routing

Over the past week I had a challenge with routing in iptables, and one of the problems I faced was that I had no GUI to implement it with, only a terminal.

I needed routing enabled on network card: eth0

I am assuming you are logged in as root.

IPTables


The first thing we need to do is check whether iptables is enabled, or just enable it.
One way to see if iptables is enabled is to run
iptables -L

To enable iptables temporarily, run
service iptables start

If you want to enable iptables on boot, use this
chkconfig iptables on

Routing


Now that we have iptables enabled, we can start with the forwarding.

First, check whether the network device has forwarding enabled by running
cat /proc/sys/net/ipv4/conf/eth0/forwarding

If this returns 0, run this
echo '1' > /proc/sys/net/ipv4/conf/eth0/forwarding


Now that this is enabled, we need to enable MASQUERADE.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

OK, so I needed to route two ports, SSH and HTTP; the IP I needed to route to was 192.168.1.18.
To do that I used these commands:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9022 -j DNAT --to 192.168.1.18:22
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9001 -j DNAT --to 192.168.1.18:80

To make sure these have been enabled, you can use more than one command, but the one I prefer is
iptables -t nat -L -n -v
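
An added example, not part of the original post: a small shell audit that reads rules in `iptables-save -t nat` format and lists every port-forward (external port to internal host:port), so you can review exactly which internal services the box exposes. The function names `list_dnat` and `has_masquerade` and the sample rules are constructed for illustration and assume `awk` is available.

```shell
# list_dnat: read iptables-save formatted rules on stdin and print one line
# per DNAT rule as "in_iface proto external_port -> internal_host:port".
list_dnat() {
    awk '
    $1 == "-A" && $2 == "PREROUTING" {
        iface = "any"; proto = "any"; dport = "any"; dest = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-i")                    iface  = $(i + 1)
            else if ($i == "-p")               proto  = $(i + 1)
            else if ($i == "--dport")          dport  = $(i + 1)
            else if ($i == "-j")               target = $(i + 1)
            else if ($i == "--to-destination") dest   = $(i + 1)
        }
        if (target == "DNAT" && dest != "")
            printf "%s %s %s -> %s\n", iface, proto, dport, dest
    }'
}

# has_masquerade IFACE: succeed if a MASQUERADE rule exists for that
# outgoing interface in the rules read from stdin.
has_masquerade() {
    awk -v ifc="$1" '
    $1 == "-A" && $2 == "POSTROUTING" {
        out = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-o")      out    = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
        }
        if (target == "MASQUERADE" && out == ifc) found = 1
    }
    END { exit (found ? 0 : 1) }'
}

# Constructed sample: the rules from this post as iptables-save prints them.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 9022 -j DNAT --to-destination 192.168.1.18:22
-A PREROUTING -i eth0 -p tcp -m tcp --dport 9001 -j DNAT --to-destination 192.168.1.18:80
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | list_dnat
printf '%s\n' "$SAMPLE_RULES" | has_masquerade eth0 && echo "MASQUERADE on eth0: yes"
```

On a live system, pipe `iptables-save -t nat` into the functions instead of the sample.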


Note: This is what I did to get routing working on OEL5. If this does not work for you, please leave a comment and I will try to help you as much as I can.

#bearMan out.
