
Diff of /xml/htdocs/doc/en/home-router-howto.xml


Revision 1.6 Revision 1.7
1<?xml version='1.0' encoding='UTF-8'?> 1<?xml version='1.0' encoding='UTF-8'?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/home-router-howto.xml,v 1.6 2004/07/30 02:46:39 vapier Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/home-router-howto.xml,v 1.7 2004/08/06 05:49:00 vapier Exp $ -->
3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4 4
5<guide link="/doc/en/home-router-howto.xml"> 5<guide link="/doc/en/home-router-howto.xml">
6 6
7<title>Home Router Guide</title> 7<title>Home Router Guide</title>
411<comment>Drop TCP / UDP packets to privileged ports</comment> 411<comment>Drop TCP / UDP packets to privileged ports</comment>
412# <i>iptables -A INPUT -p TCP -i ! eth0 -d 0/0 --dport 0:1023 -j DROP</i> 412# <i>iptables -A INPUT -p TCP -i ! eth0 -d 0/0 --dport 0:1023 -j DROP</i>
413# <i>iptables -A INPUT -p UDP -i ! eth0 -d 0/0 --dport 0:1023 -j DROP</i> 413# <i>iptables -A INPUT -p UDP -i ! eth0 -d 0/0 --dport 0:1023 -j DROP</i>
414 414
415<comment>Finally we add the rules for NAT</comment> 415<comment>Finally we add the rules for NAT</comment>
416# <i>iptables -I FORWARD -i 192.168.0.0/255.255.0.0 -j DROP</i> 416# <i>iptables -I FORWARD -i eth0 -d 192.168.0.0/255.255.0.0 -j DROP</i>
417# <i>iptables -A FORWARD -s 192.168.0.0/255.255.0.0 -j ACCEPT</i> 417# <i>iptables -A FORWARD -i eth0 -s 192.168.0.0/255.255.0.0 -j ACCEPT</i>
418# <i>iptables -A FORWARD -d 192.168.0.0/255.255.0.0 -j ACCEPT</i> 418# <i>iptables -A FORWARD -i eth1 -d 192.168.0.0/255.255.0.0 -j ACCEPT</i>
419# <i>iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE</i> 419# <i>iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE</i>
420<comment>Tell the kernel that ip forwarding is OK</comment> 420<comment>Tell the kernel that ip forwarding is OK</comment>
421# <i>echo 1 > /proc/sys/net/ipv4/ip_forward</i> 421# <i>echo 1 > /proc/sys/net/ipv4/ip_forward</i>
422# <i>for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 > $f ; done</i> 422# <i>for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 > $f ; done</i>
423 423
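Review bot: The ACCEPT on new line 418 (`-i eth1 -d 192.168.0.0/255.255.0.0`) carries no connection-state match, so any packet that arrives on eth1, the interface line 419 masquerades out of, and is addressed to the LAN range gets forwarded whether or not a LAN host opened the flow. Consider limiting that rule to return traffic, for example by adding `-m state --state ESTABLISHED,RELATED`. It would also help to state the FORWARD chain policy next to these rules, since nothing in this hunk shows what happens to a packet that matches none of lines 416 to 418.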
