Hi from Greece!!!
I am a newbie to Linux, but at least I am trying...
Well, here is the situation.
I live with a roommate and we both have our PCs.
I recently installed Slackware 10 on an old 486 machine and I want to use it as a firewall/router for our PSTN line.
Onboard the 486, there is of course the modem and two NICs (eth0 and eth1).
The first NIC is connected with a crossover UTP cable to my PC and the second goes to my roommate's.
Can somebody write down a correct iptables script to use so we can have full routing?
I already have a simple script but I have some problems. For example, when I play a game and do the hosting, nobody can join my machine.
The script is...
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -i eth1 -j ACCEPT
iptables -A INPUT -s 0/0 -i ppp0 -d 195.251.140.6 -p ALL -j ACCEPT
iptables -A OUTPUT -s 195.251.140.6 -d 0/0 -o ppp0 -p ALL -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -A FORWARD -i ppp0 -o eth0 -p TCP -j ACCEPT
iptables -A FORWARD -i ppp0 -o eth0 -p UDP -j ACCEPT
#FALCON4 BEGIN INCOMING
iptables -A FORWARD -s 0/0 -i ppp0 -d 195.251.140.6 -o eth0 -p TCP --sport 2934:2935 --dport 2934:2935 -j ACCEPT
iptables -A FORWARD -s 0/0 -i ppp0 -d 195.251.140.6 -o eth0 -p UDP --sport 2934:2935 --dport 2934:2935 -j ACCEPT
#FALCON4 END
#FS9 BEGIN INCOMING
#iptables -A FORWARD -s 0/0 -i ppp0 -d 195.251.140.6 -o eth0 -p TCP
#--sport 23456 --dport 23456 -j ACCEPT
#iptables -A FORWARD -s 0/0 -i ppp0 -d 195.251.140.6 -o eth0 -p UDP
#--sport 23456 --dport 23456 -j ACCEPT
#FS9 END
iptables -A FORWARD -i ppp0 -o eth1 -p TCP -j ACCEPT
iptables -A FORWARD -i ppp0 -o eth1 -p UDP -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp0 -p UDP -j ACCEPT
iptables -A FORWARD -i eth1 -o ppp0 -p UDP -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp0 -p TCP -j ACCEPT
iptables -A FORWARD -i eth1 -o ppp0 -p TCP -j ACCEPT
#FALCON4 BEGIN OUTGOING
iptables -A FORWARD -s 195.251.140.6 -i eth0 -d 0/0 -o ppp0 -p TCP --sport 2934:2935 --dport 2934:2935 -j ACCEPT
iptables -A FORWARD -s 195.251.140.6 -i eth0 -d 0/0 -o ppp0 -p UDP --sport 2934:2935 --dport 2934:2935 -j ACCEPT
#FALCON4 END
#FS9 BEGIN OUTGOING
#iptables -A FORWARD -s 195.251.140.6 -i eth0 -d 0/0 -o ppp0 -p TCP
#--sport 23456 --dport 23456 -j ACCEPT
#iptables -A FORWARD -s 195.251.140.6 -i eth0 -d 0/0 -o ppp0 -p UDP
#--sport 23456 --dport 23456 -j ACCEPT
#FS9 END
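An added example, not part of the original post: a default-drop ruleset for the setup described above, emitted in iptables-restore format. It includes the DNAT rules that hosting behind MASQUERADE needs, because packets arriving on ppp0 for the router's public address are delivered to INPUT and never reach the FORWARD chain unless PREROUTING rewrites their destination. The private address 192.168.1.2 for the PC on eth0 and the function names are assumptions; the ports 2934:2935 come from the post.

```shell
#!/bin/sh
# Added example. Emits an iptables-restore ruleset for a dial-up NAT router.
# Assumptions (not from the post): the LAN address below and the function names.
WAN_IF=ppp0
LAN1_IF=eth0             # NIC wired to the PC that hosts games
LAN2_IF=eth1             # NIC wired to the second PC
GAME_HOST=192.168.1.2    # hypothetical private address of the PC on eth0
GAME_PORTS=2934:2935     # Falcon 4 port range, taken from the post

# Print the ruleset. The nat table rewrites the destination of inbound game
# traffic before routing; the filter table then forwards only that traffic
# plus replies to connections the LAN opened. Everything else is dropped.
build_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i $WAN_IF -p tcp --dport $GAME_PORTS -j DNAT --to-destination $GAME_HOST
-A PREROUTING -i $WAN_IF -p udp --dport $GAME_PORTS -j DNAT --to-destination $GAME_HOST
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $LAN1_IF -j ACCEPT
-A INPUT -i $LAN2_IF -j ACCEPT
-A INPUT -i $WAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN1_IF -j ACCEPT
-A FORWARD -i $LAN2_IF -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN1_IF -d $GAME_HOST -p tcp --dport $GAME_PORTS -m state --state NEW -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN1_IF -d $GAME_HOST -p udp --dport $GAME_PORTS -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Enable routing and load the ruleset atomically (needs root).
apply_rules() {
    echo 1 > /proc/sys/net/ipv4/ip_forward
    build_rules | iptables-restore
}

# "print" shows the rules for review; "apply" loads them. No argument: no action.
case "${1:-}" in apply) apply_rules ;; print) build_rules ;; esac
```

The inbound rules match on destination port only, since a joining player's source port is not guaranteed to fall in 2934:2935.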