  1. #1
    Just Joined!
    Join Date
    Jan 2012
    Posts
    1

    Sharing network connection between two NICs in one box - CentOS


    Hi guys.

    What I need to do is:

    I have a CentOS box with two NICs.

    eth0 is connected to the network.

    eth1 I want to connect to a router and connect 3 more machines to it.

    I want the CentOS box to give internet access to the router and the other 3 PCs, but I don't want anyone from the outside world to be able to reach the little network.

    Any ideas?

  2. #2
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Familiarize yourself with the firewall provided by the Linux kernel (a.k.a. iptables/netfilter). You can do all that you mention with it. There is a graphical utility that can get you started, but a lot of the commands you'll have to work out yourself; experimentation is key here.

    The software is probably already installed on your system:
    Code:
    man iptables
    man iptables-save
    There is an initscript that controls starting and stopping it, too, e.g.:
    Code:
    /etc/init.d/iptables stop
    /etc/init.d/iptables start
    In a nutshell, you run commands using the iptables utility. You insert rules using it. You can then save it to file with the iptables-save command. This file is by default /etc/sysconfig/iptables. There are way too many options available to list here; go read up on it.

    Keep in mind that to do routing, you'll need to enable TCP forwarding. You can do this in the /etc/sysctl.conf file.

  3. #3
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    First thing you need to do is turn on FORWARDing on the Linux box.

    Code:
    sysctl -w net.ipv4.ip_forward=1
    Then you need to ensure that it is on when the system gets rebooted by changing /etc/sysctl.conf as follows:

    In sysctl.conf change

    Code:
    net.ipv4.ip_forward = 0
    to

    Code:
    net.ipv4.ip_forward = 1

    A simple firewall could be:

    Code:
    iptables -P INPUT DROP
    iptables -P OUTPUT DROP
    iptables -P FORWARD DROP
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i eth1 -m state --state NEW -j ACCEPT
    iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A OUTPUT -m state --state NEW -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i eth1 -o eth0 -m state --state NEW -j ACCEPT
    This should get you started with your firewall. More reading is located HERE!

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted
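
A way to check the requirement from post #1 (nothing on the outside may open a connection to the box or to the little network) against a saved ruleset. This is an example added here, not code from any post in the thread. It assumes eth0 is the outside interface and eth1 the inside one, as in post #1; the function name and the sample ruleset are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the thread. eth0 = outside and eth1 = inside as in
# post #1; audit_gateway and GOOD_RULES are names made up for this example.

# Constructed sample: post #3's rules as iptables-save would print them.
GOOD_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -m state --state NEW -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m state --state NEW -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state NEW -j ACCEPT
COMMIT'

# audit_gateway WAN_IF: reads an iptables-save dump on stdin, prints one line
# per finding, returns 0 when nothing was found and 1 otherwise.
# Interface wildcards such as "eth+" are compared literally, not expanded.
audit_gateway() {
    awk -v wan="$1" '
        /^\*/ { table = substr($0, 2) }
        table != "filter" { next }
        $1 == ":INPUT" || $1 == ":FORWARD" {
            seen[$1] = 1
            if ($2 != "DROP") { print substr($1, 2) " policy is " $2 ", expected DROP"; bad = 1 }
        }
        $1 == "-A" && ($2 == "INPUT" || $2 == "FORWARD") && /-j ACCEPT/ {
            in_if = ""; neg = 0
            for (i = 3; i < NF; i++)
                if ($i == "-i") { in_if = $(i + 1); neg = ($(i - 1) == "!") }
            # No -i means every interface; "! -i X" means every interface but X.
            from_wan = (in_if == "") || (neg ? (in_if != wan) : (in_if == wan))
            # A rule limited to RELATED/ESTABLISHED only lets replies back in.
            replies_only = (/--state/ || /--ctstate/) && !/NEW/
            if (from_wan && !replies_only) { print "new connections accepted from " wan ": " $0; bad = 1 }
        }
        END {
            if (!seen[":INPUT"] || !seen[":FORWARD"]) { print "filter policies not found"; bad = 1 }
            exit bad + 0
        }'
}

# Stand-alone run on the constructed sample; on the gateway itself use:
#   iptables-save | audit_gateway eth0
printf '%s\n' "$GOOD_RULES" | audit_gateway eth0 && echo "sample ruleset: clean"
```

Running it after every rule change catches an ACCEPT rule added without `-i eth1`, which would silently apply to eth0 as well.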
