Saturday, November 18, 2006

Simple NAT rules (tested on OSCAR 5)

I think this iptables rule set should be sufficient if you want a very simple setup that lets your client connect to some outside IP. Put this in /etc/sysconfig/iptables and restart iptables. Please note: my eth0 is for the OSCAR intranet and eth1 is for the internet; change them according to your own setup.
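# NAT table: masquerade (source-NAT) everything that leaves through eth1 (internet)
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
#
# Filter table: all three chains default to ACCEPT, so forwarded packets that
# match neither rule below (e.g. replies arriving on eth1) are accepted by policy
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Packets arriving on eth0 (intranet) addressed to 192.168.0.0/24
-A FORWARD -d 192.168.0.0/255.255.255.0 -i eth0 -j ACCEPT
# Packets arriving on eth0 (intranet) sent from 192.168.0.0/24
-A FORWARD -s 192.168.0.0/255.255.255.0 -i eth0 -j ACCEPT
COMMIT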
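
A tighter variant of the rules above, added here as an example and not part of the original post. It keeps the same interfaces and subnet, but sets the FORWARD policy to DROP so that only client-initiated traffic and its replies cross the head node, and masquerades only the cluster subnet. It assumes the state match module is available; on current kernels the equivalent is -m conntrack --ctstate.

```iptables
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Source-NAT only the cluster subnet, and only when it leaves via eth1 (internet)
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -o eth1 -j MASQUERADE
COMMIT
#
*filter
:INPUT ACCEPT [0:0]
# Default-deny: anything not explicitly allowed below is not forwarded
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Replies to connections that the clients opened (internet -> intranet)
-A FORWARD -i eth1 -o eth0 -d 192.168.0.0/255.255.255.0 -m state --state RELATED,ESTABLISHED -j ACCEPT
# New and ongoing outbound connections from the clients (intranet -> internet)
-A FORWARD -i eth0 -o eth1 -s 192.168.0.0/255.255.255.0 -j ACCEPT
# Everything else, including unsolicited traffic from eth1 to the clients,
# falls through to the DROP policy
COMMIT
```

After restarting iptables, iptables -L FORWARD -v -n shows the per-rule packet counters, which confirms that client traffic is matching the two rules rather than being dropped by policy.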
