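to enable ufw (if you are connected over SSH, allow the SSH port first, otherwise enabling the firewall can cut off your session)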
# ufw enable
to allow a port
# ufw allow <port>
for example (22 is the default SSH port):
# ufw allow 22
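edit
/etc/default/ufw
to accept forwarding requests:
DEFAULT_FORWARD_POLICY="ACCEPT"
With this policy, ufw forwards every routed packet that no rule blocks, so restrict forwarding with `ufw route` rules if only some hosts or ports should pass.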
edit
/etc/ufw/sysctl.conf
to allow forwarding:
net.ipv4.ip_forward=1
edit
/etc/ufw/before.rules
and add the following after the first comment
# nat table rules (iptables-restore syntax, added to /etc/ufw/before.rules)
*nat
# Declare the built-in nat chains with an ACCEPT policy and zeroed [packets:bytes] counters.
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Forward traffic from eth1 through eth0.
# Rewrites the source address of packets from 223.223.223.0/24 to 192.168.0.145.
# NOTE(review): no -o <interface> is given, so this rule matches on any outgoing
# interface, not only eth0 - confirm that is intended.
# NOTE(review): 223.223.223.0/24 is not an RFC 1918 private range; presumably it is
# the eth1-side LAN in this setup - verify before reusing the addresses.
-A POSTROUTING -s 223.223.223.0/24 -j SNAT --to 192.168.0.145
#-A POSTROUTING -s 223.223.223.1 -o eth0 -j MASQUERADE
# The two per-host rules below are already covered by the /24 rule above; SNAT is a
# terminating target, so packets from .1 and .2 never reach them.
-A POSTROUTING -s 223.223.223.1 -j SNAT --to 192.168.0.145
-A POSTROUTING -s 223.223.223.2 -j SNAT --to 192.168.0.145
# don't delete the 'COMMIT' line or these table rules won't be processed
COMMIT
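reload ufw by disabling and re-enabling the firewall (the host is unfiltered between the two commands; `ufw reload` re-reads the rules without that gap)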
# ufw disable
# ufw enable