Find the answer to your Linux question:
Results 1 to 3 of 3
Hi, Newbie here I'm struggling to get my firewall to do what I need. Setup is ... Internal network is protected from the internet via a linux box firewall that ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2011
    Posts
    2

    Trust and open firewall to remote server


    Hi, Newbie here

    I'm struggling to get my firewall to do what I need.

    Setup is ...

    Internal network is protected from the internet via a linux box firewall that does all the port forwarding to the local servers that need internet visibility.

    Local machine internet browsing all goes though proxy which is another separate linux box.

    I need a local server to be able to fully see and communicate with a remote server without going through the proxy. I have put a proxy bypass entry in the server but I don't seem to be able to get the iptables rules correct to see the remote server.

    The rules I have tried are

    iptables -A INPUT -d xxx.xxx.xx.xxx -j ACCEPT
    iptables -A FORWARD -d xxx.xxx.xx.xxx -j ACCEPT
    iptables -A INPUT -s xxx.xxx.xx.xxx -j ACCEPT
    iptables -A OUTPUT -d xxx.xxx.xx.xxx -j ACCEPT
    iptables -t nat -A POSTROUTING -j MASQUERADE

    xxx.xxx.xx.xxx is the remote server ip address

    TIA

    Mark

  2. #2
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    Perhaps you should try stateful rules:
    Code:
    iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -d xxx.xxx.xx.xxx -j ACCEPT
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    Something like that.
    linux user # 503963

  3. #3
    Just Joined!
    Join Date
    Oct 2011
    Posts
    2
    Problem solved, I had typed ACCEPT in the firewall rules rather than MASQUERADE

    Thanks

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •