nixCraft

Hi All,

I am george. I am trying to write some iptable rules to allow traffic from one network to another. my set up is as follows:

1. I have a linux box(FC6) with 2 ethernet cards ( eth0 and eth1) with IP forwarding enabled.

2. IP address eth0 : 192.168.8.1/24, eth1 : 192.168.9.1/24
3. I have 1 node each on both the networks with IP addresses 192.168.8.2 and 192.168.9.2 respectively.
4. I can ping the linux box from my nodes and i can reach the nodes from my linux box.

My Requirement:
-------------------
I want to ping from 192.168.9.2 to 192.168.8.2. How do i allow this traffic on my linux box using the FORWARD chain in iptables. Currently i have written the following rule which is not working:

iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT.

my default policy of the FORWARD Chain is to DROP everything.

Also i would like to know to forward packets based on some network services like WEB, MAIL etc. Also suggest me some good books on IPTABLES.

Anyone please help me.

Thanks & Regards,
George

Not sure about the Firewall part you did, but to forward packets between two networks through a linux box, you have to enable ip_forward in it

# echo 1 > /proc/sys/net/ipv4/ip_forward

This enables the ip forwarding till next reboot, to make this packet forwarding permanent

# vi /etc/sysctl.conf
change the line net.ipv4.ip_forward = 0 to net.ipv4.ip_forward=1.

This should do the stuff, to check if your iptables rules works correctly.
First turn the iptables off
# service iptables off
#iptables -F

then try pinging between the boxes, if ping is successful, then turn the iptables on and edit the rule as needed, and verify.

Meanwhile, i will try to figure out the rule which will help you.

Cheers
DD

__________________
May the force with you!