Created
February 2, 2016 10:31
-
-
Save r0mdau/de12eb6d9a0275b4a544 to your computer and use it in GitHub Desktop.
Configuration d'une passerelle entre 2 réseaux Debian
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| PATH=/usr/sbin:/sbin:/bin:/usr/bin | |
| # | |
| # delete all existing rules. | |
| # | |
| iptables -F | |
| iptables -t nat -F | |
| iptables -t mangle -F | |
| iptables -X | |
| # Always accept loopback traffic | |
| iptables -A INPUT -i lo -j ACCEPT | |
| # Allow established connections, and those not coming from the outside | |
| iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| iptables -A INPUT -m state --state NEW -i ! eth1 -j ACCEPT | |
| iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| # Allow outgoing connections from the LAN side. | |
| iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT | |
| # Masquerade. | |
| iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE | |
| # Don't forward from the outside to the inside. | |
| iptables -A FORWARD -i eth1 -o eth1 -j REJECT | |
| # Enable routing. | |
| echo 1 > /proc/sys/net/ipv4/ip_forward |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment