Scribd
Upload
78 views

Iptables - A FORWARD - I Eth0 - J ACCEPT Exit 0

This document provides instructions for configuring network address translation (NAT) and routing between two network interfaces on a Linux system to allow an Aquilion system to access an external network. It describes adding iptables rules to enable NAT and forwarding, making these rules permanent by editing configuration files, and configuring the Aquilion console to use the Linux system as the gateway to the external network by editing a route configuration file and restarting the routing service. The IP addresses used in the examples should be changed to match the local network configuration.

Uploaded by

Muhammad Ahmad
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
78 views

Iptables - A FORWARD - I Eth0 - J ACCEPT Exit 0

This document provides instructions for configuring network address translation (NAT) and routing between two network interfaces on a Linux system to allow an Aquilion system to access an external network. It describes adding iptables rules to enable NAT and forwarding, making these rules permanent by editing configuration files, and configuring the Aquilion console to use the Linux system as the gateway to the external network by editing a route configuration file and restarting the routing service. The IP addresses used in the examples should be changed to match the local network configuration.

Uploaded by

Muhammad Ahmad
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Dear Shaheen,

It is mandatory that you have a working PC with two network cards and Ubuntu Linux installed.
One of the network cards will be called eth0 and the 2nd network card will be called eth1. You
should already have configured eth0 to match Aquilion network and ip address of eth1 should
match the external network.

Enter the following commands just to test your setup. When you reboot linux these commands
will be lost.
---------------------------------------------------------------------------------------------------------------------
-----------------
Type the following lines in a shell terminal.
            sudo echo "1" > /proc/sys/net/ipv4/ip_forward
            sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
            sudo iptables -A FORWARD -i eth0 -j ACCEPT

If your router works ok then enter the following commands to make it permanent.
------------------------------------------------------------------------------------------------------
Type the following command on shell terminal.
            gksudo gedit /etc/sysctl.conf
Look for the following line of text in the sysctl.conf file:
            net.ipv4.ip_forward=1
If you don't find the line then add it. Type it exactly.
Save the file and exit.

Now, type the following command in shell terminal.


            gksudo gedit /etc/rc.local
   
Add the following lines
            iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
               iptables -A FORWARD -i eth0 -j ACCEPT
               exit 0

=====================================================================
========================================================
Now you have to configure Aquilion. Go to command window in Aquilion. The purpose is to tell
the Aquilion console, where to find the route to the external network. So we have to tell it the IP
address of the router, working as gateway.

The related file name is:


            /etc/config/static-route.options.

So you have to type


            > jot /etc/config/static-route.options

At the end of the file /etc/config/static-route.options simply add the line:

    $ROUTE $QUIET add -net 192.168.15.0 192.0.0.20

You must know that 192.0.0.20 is the ip address of linux router's eth0 network card and
192.168.15.0 is the external network connected to eth1 network card. You have to change these
ip addresses according to peshawar site requirement.

To refresh the network, pls type the following commands or you can also reboot aquilion
(recommended)

                >chkconfig routed off


                    >chkconfig routed on

Best Regards,
Ansar

You might also like