Friday, January 13, 2012

ubuntu: enable ip forwarding using ufw

ufw is ubuntu's firewall configuration tool

to enable ufw
# ufw enable

to allow a port
# ufw allow <port>
ex. # ufw allow 22

edit /etc/default/ufw to accept forwarding requests
DEFAULT_FORWARD_POLICY="ACCEPT"

edit /etc/ufw/sysctl.conf to allow forwarding
net.ipv4.ip_forward=1

edit /etc/ufw/before.rules, add the following after the first comment

# nat Table rules
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]

# Forward traffic from eth1 through eth0.
-A POSTROUTING -s 223.223.223.0/24 -j SNAT --to 192.168.0.145
#-A POSTROUTING -s 223.223.223.1 -o eth0 -j MASQUERADE
-A POSTROUTING -s 223.223.223.1 -j SNAT --to 192.168.0.145
-A POSTROUTING -s 223.223.223.2 -j SNAT --to 192.168.0.145

# don't delete the 'COMMIT' line or these table rules won't be processed
COMMIT



reload ufw by disabling and enabling the firewall

# ufw disable
# ufw enable
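
added example, not part of the original post: a Python check that lints the nat block above before the firewall is reloaded. SNAT is a terminating target, so the first matching rule wins; the check flags POSTROUTING rules that name no outbound interface (-o) and rules that can never fire because an earlier rule already covers their source. The function names parse_postrouting and audit are hypothetical; only -s and -o are examined and negated matches (!) are not handled.

```python
import ipaddress
import shlex

# Constructed sample: the nat block from this post, as it would sit in
# /etc/ufw/before.rules.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 223.223.223.0/24 -j SNAT --to 192.168.0.145
#-A POSTROUTING -s 223.223.223.1 -o eth0 -j MASQUERADE
-A POSTROUTING -s 223.223.223.1 -j SNAT --to 192.168.0.145
-A POSTROUTING -s 223.223.223.2 -j SNAT --to 192.168.0.145
COMMIT
"""

def parse_postrouting(text):
    """Return (line_no, source_network, out_iface) for each active nat rule."""
    rules, in_nat = [], False
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if line.startswith("*"):          # table header, e.g. *nat or *filter
            in_nat = (line == "*nat")
        if not in_nat or not line.startswith("-A POSTROUTING"):
            continue                      # skips comments, chain policies, COMMIT
        tok = shlex.split(line)
        opt = {tok[i]: tok[i + 1] for i in range(len(tok) - 1) if tok[i].startswith("-")}
        src = ipaddress.ip_network(opt.get("-s", "0.0.0.0/0"), strict=False)
        rules.append((no, src, opt.get("-o")))
    return rules

def audit(text):
    """Flag rules with no -o interface and rules shadowed by an earlier one."""
    findings, seen = [], []
    for no, src, oif in parse_postrouting(text):
        if oif is None:
            findings.append((no, "no-out-interface"))
        for prev_no, prev_src, prev_oif in seen:
            # An earlier rule shadows this one if it covers the source and is
            # either unrestricted by interface or bound to the same interface.
            if src.subnet_of(prev_src) and prev_oif in (None, oif):
                findings.append((no, f"shadowed-by-line-{prev_no}"))
                break
        seen.append((no, src, oif))
    return findings

if __name__ == "__main__":
    for no, issue in audit(SAMPLE):
        print(f"line {no}: {issue}")
```

on the sample, the two single-host rules are reported as shadowed by the /24 rule, and all three active rules are reported as not tied to an outbound interface.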
