Linux Firewall: 3 Very Typical Applications



As the man page line below shows, the iptables command is used to filter packets and to perform NAT (Network Address Translation). It has many uses on Internet-connected networks.

iptables - administration tool for IPv4 packet filtering and NAT

Application 1: Let the computers on the local area network share bandwidth through one real IP (NAT implementation)

Required equipment: one Linux server with 2 network cards

Card 1: eth0, uses the real IP; Card 2: eth1, uses 192.168.1.254

Configuration: add the following lines to /etc/rc.d/rc.local

echo "1" > /proc/sys/net/ipv4/ip_forward

modprobe ip_tables

modprobe ip_nat_ftp

modprobe ip_conntrack

modprobe ip_conntrack_ftp

iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j MASQUERADE

Application 2: Let the computers on the local area network share the bandwidth of one ADSL line (NAT implementation)

This example is the same as the previous one; only one setting changes.

Required equipment: one Linux server with 2 network cards

Card 1: eth0, uses the real IP; Card 2: eth1, uses 192.168.1.254

Configuration: add the following lines to /etc/rc.d/rc.local

echo "1" > /proc/sys/net/ipv4/ip_forward

modprobe ip_tables

modprobe ip_nat_ftp

modprobe ip_conntrack

modprobe ip_conntrack_ftp

iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.1.0/24 -j MASQUERADE

Application 3: Let the outside world access a server on the local area network (redirection, port forwarding)

This approach has the effect of protecting the internal server.

Required equipment: one Linux server with 2 network cards

Card 1: eth0, uses the real IP; Card 2: eth1, uses 192.168.1.254

Configuration: add the following lines to /etc/rc.d/rc.local, replacing <real IP> with the real IP of eth0

echo "1" > /proc/sys/net/ipv4/ip_forward

modprobe ip_tables

modprobe ip_nat_ftp

modprobe ip_conntrack

modprobe ip_conntrack_ftp

iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j MASQUERADE

iptables -t nat -A PREROUTING -i eth0 -p tcp -d <real IP> --dport 80 -j DNAT --to-destination 192.168.1.13:80
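
Added example, not part of the original article: the NAT rules above only translate addresses, and unless other rules are loaded the FORWARD chain keeps its built-in ACCEPT policy, so they filter nothing by themselves. This sketch prints the Application 3 rules together with FORWARD rules that admit only the forwarded port. The function names and 203.0.113.10 (a documentation address standing in for the real IP) are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article. It only prints commands;
# review the output, then pipe it to "sh" as root to apply it.
# Interface names and the LAN subnet are the article's values.
WAN_IF=eth0
LAN_IF=eth1
LAN_NET=192.168.1.0/24

# is_port N: true only for an integer in 1..65535
is_port() {
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# is_ipv4 A: true only for a dotted quad with each octet in 0..255.
# Rejecting everything else also keeps shell metacharacters out of
# the generated commands.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# gen_rules PUBLIC_IP SERVER_IP PORT: print NAT plus FORWARD filtering
gen_rules() {
    pub=$1 srv=$2 port=$3
    is_ipv4 "$pub" && is_ipv4 "$srv" && is_port "$port" || {
        echo "gen_rules: invalid address or port" >&2
        return 1
    }
    cat <<EOF
iptables -t nat -A POSTROUTING -o $WAN_IF -s $LAN_NET -j MASQUERADE
iptables -t nat -A PREROUTING -i $WAN_IF -p tcp -d $pub --dport $port -j DNAT --to-destination $srv:$port
iptables -P FORWARD DROP
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
iptables -A FORWARD -i $WAN_IF -o $LAN_IF -p tcp -d $srv --dport $port -m conntrack --ctstate NEW -j ACCEPT
EOF
}

# 203.0.113.10 is a constructed documentation address standing in for
# the article's "real IP".
gen_rules 203.0.113.10 192.168.1.13 80
```

The last FORWARD rule matches 192.168.1.13 rather than the real IP because DNAT in PREROUTING has already rewritten the destination by the time the packet reaches the FORWARD chain.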