- 01-19-2012 #1, Just Joined! (Join Date: Jan 2012, Posts: 1)
Sharing network connection between two nics in one box .centos
Hi guys.
What I need to do is:
I have a CentOS box with two NICs.
eth0 is connected to the network.
eth1 I want to connect to a router and connect 3 more machines to it.
I want the CentOS box to give internet access to the router and the other 3 PCs, but I don't want anyone from the outside world to be able to reach the little network.
Any ideas?
- 01-20-2012 #2, Linux Guru (Join Date: May 2011, Posts: 1,843)
Familiarize yourself with the firewall provided by the Linux kernel (a.k.a. iptables/netfilter). You can do all that you mention with it. There is a graphical utility that can get you started, but a lot of the commands you'll have to work out yourself; experimentation is key here.
The software is probably already installed on your system:
Code:
    man iptables
    man iptables-save
There is an initscript that controls starting and stopping it, too, e.g.:
Code:
    /etc/init.d/iptables stop
    /etc/init.d/iptables start
In a nutshell, you run commands using the iptables utility. You insert rules using it. You can then save it to file with the iptables-save command. This file is by default /etc/sysconfig/iptables. There are way too many options available to list here; go read up on it.
Keep in mind that to do routing, you'll need to enable TCP forwarding. You can do this in the /etc/sysctl.conf file.
- 01-21-2012 #3
First thing you need to do is turn on FORWARDing on the Linux box.
Code:
    sysctl -w net.ipv4.ip_forward=1
Then you need to ensure that it is on when the system gets rebooted by changing /etc/sysctl.conf as follows;
in sysctl.conf change
Code:
    net.ipv4.ip_forward = 0
to
Code:
    net.ipv4.ip_forward = 1
A simple firewall could be;
Code:
    # default policy: drop everything on all three chains
    iptables -P INPUT DROP
    iptables -P OUTPUT DROP
    iptables -P FORWARD DROP
    # traffic to the box itself: replies, plus new connections from eth1 only
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i eth1 -m state --state NEW -j ACCEPT
    iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A OUTPUT -m state --state NEW -j ACCEPT
    # routed traffic: replies, plus new connections from eth1 out through eth0
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i eth1 -o eth0 -m state --state NEW -j ACCEPT
This should get you started with your firewall. More reading is located HERE!


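Added example, not part of any post in this thread: a shell function that audits an iptables-save dump against the original poster's goal (the inner network may open connections outward, nothing may open them inward). The function names and the sample dump are constructed for illustration, and eth1 = inner network / eth0 = outside follows the rules in post #3.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump against the goal in this thread.
# audit_ruleset DUMP LAN_IF WAN_IF  -> prints findings, returns their count.
audit_ruleset() {
    awk -v lan="$2" -v wan="$3" '
        /^\*/ { table = substr($0, 2) }       # table header: *filter, *nat, ...
        table != "filter" { next }            # only the filter table is audited
        /^:FORWARD / { policy = $2 }          # chain policy line, e.g. ":FORWARD DROP [0:0]"
        /^-A FORWARD / && / -j ACCEPT/ {
            line = " " $0 " "                 # pad so interface names match whole words
            stateful = (line ~ /--(state|ctstate) /)
            # No state match at all means the rule also admits NEW connections.
            has_new = (!stateful || line ~ /--(state|ctstate) [A-Z,]*NEW/)
            from_lan = index(line, " -i " lan " ")
            to_wan = (index(line, " -o " wan " ") || !index(line, " -o "))
            if (!has_new && line ~ /ESTABLISHED/) replies = 1
            if (has_new && from_lan && to_wan) outbound = 1
            if (has_new && !from_lan) { print "FAIL NEW accepted from outside LAN: " $0; bad++ }
        }
        END {
            if (policy != "DROP") { print "FAIL FORWARD policy is " policy; bad++ }
            if (!replies)  { print "FAIL no ESTABLISHED accept in FORWARD"; bad++ }
            if (!outbound) { print "FAIL no NEW accept from " lan " to " wan; bad++ }
            exit bad + 0
        }' "$1"
}

# Constructed sample: the rules from post #3 in iptables-save format.
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -m state --state NEW -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m state --state NEW -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

dump=$(mktemp)
sample_ruleset > "$dump"
audit_ruleset "$dump" eth1 eth0 && echo "PASS: inner network can reach out, nothing can reach in"
rm -f "$dump"
```

To check a real ruleset, pass the function the output of iptables-save or the saved /etc/sysconfig/iptables file; negated matches (`!`) are not interpreted.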