version 1.0.0, 2014-07-08 : Initial version
Setting up iptables for NATSet your server as a gateway, using iptables to create NAT rules is easy!
First, remember that on RHEL, iptables config file is
and the service logs by default to
For this example, our internal network is 184.108.40.206/24 and we are setting our server as a gateway with eth1 on local network and eth0 that has access to the internet.
# First allow ip forwarding at kernel level sysctl -w net.ipv4.ip_forward=1 # Then set your iptables rules iptables -t nat -I POSTROUTING -o eth0 -s 220.127.116.11/24 -j MASQUERADE iptables -I FORWARD 1 -i eth1 -o eth0 -j ACCEPT iptables -I FORWARD 2 -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT # Finally save and restart service service iptables save service iptables restart # Now check your rules iptables -L -n -v iptables --table nat -L -n -v
net.ipv4.ip_forward = 1or change it to that value in
/etc/sysctl.confto be sure the change will survive next reboot!
Now you have to put this host’s eth1 IP as a gateway in your
/etc/sysconfig/network file if not already done (if there’s already a gateway,
echo "GATEWAY=18.104.22.168" >> /etc/sysconfig/network
Now you can start to try and ping servers outside your network.