18
Jan

Setting up a Linux Proxy server using Fedora core 5

   Posted by: Vivek Khokhar   in Linux

Add Comment

Assumption:

- eth0 is the external interface (Connected to internet)
- eth1 is the internal interface (local network) (Fixed IP)

Edit /etc/sysctl.conf to enable ip forwarding permanently.

net.ipv4.ip_forward = 1

Edit /etc/sysconfig/iptables-config and make following changes:

IPTABLES_MODULES=”ip_conntrack_netbios_ns ip_conntrack ip_conntrack_ftp ip_conntrack_irc iptable_nat ip_nat_ftp ip_nat_irc”
IPTABLES_SAVE_ON_STOP=”yes”
IPTABLES_SAVE_ON_RESTART=”yes”

# To clear out any existing rules and set default policy,
# run following commands on command prompt
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F

# FWD: Allow all connections OUT and only existing and related ones IN

iptables -A FORWARD -i eth0 -o eth1 -m state –state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

# Enabling MASQUERADE functionality on eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

This entry was posted on Thursday, January 18th, 2007 at 9:40 pm and is filed under Linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a reply

You must be logged in to post a comment.

Back to top