- 10-28-2011 #1 Just Joined! (Join Date: Oct 2011, Posts: 2)
Trust and open firewall to remote server
Hi, Newbie here
I'm struggling to get my firewall to do what I need.
Setup is ...
Internal network is protected from the internet via a linux box firewall that does all the port forwarding to the local servers that need internet visibility.
Local machine internet browsing all goes through a proxy, which is another separate linux box.
I need a local server to be able to fully see and communicate with a remote server without going through the proxy. I have put a proxy bypass entry in the server but I don't seem to be able to get the iptables rules correct to see the remote server.
The rules I have tried are
iptables -A INPUT -d xxx.xxx.xx.xxx -j ACCEPT
iptables -A FORWARD -d xxx.xxx.xx.xxx -j ACCEPT
iptables -A INPUT -s xxx.xxx.xx.xxx -j ACCEPT
iptables -A OUTPUT -d xxx.xxx.xx.xxx -j ACCEPT
iptables -t nat -A POSTROUTING -j MASQUERADE
xxx.xxx.xx.xxx is the remote server ip address
TIA
Mark
- 10-28-2011 #2
Perhaps you should try stateful rules:
Code:
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -d xxx.xxx.xx.xxx -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Something like that.
linux user # 503963
- 10-31-2011 #3 Just Joined! (Join Date: Oct 2011, Posts: 2)
Problem solved, I had typed ACCEPT in the firewall rules rather than MASQUERADE

Thanks


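A scoped version of the rules discussed in this thread, as an added example that is not from any of the posters: it prints (does not apply) FORWARD and MASQUERADE rules limited to one LAN server, one remote host and the outbound interface, rather than a blanket `POSTROUTING -j MASQUERADE`. The addresses 192.168.1.10 and 203.0.113.25, the interface eth0 and the function names `is_ipv4` and `build_rules` are assumptions, and the `conntrack` match is used in place of the `state` match shown in post #2.

```shell
#!/bin/sh
# Added example: prints (never applies) a rule set scoped to one LAN server
# and one remote host. All addresses and the interface name are constructed.

# is_ipv4 ADDR: succeed only for a dotted quad with each octet in 0-255.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    (
        IFS=.
        set -- $1                       # split on dots inside a subshell
        [ "$#" -eq 4 ] || exit 1
        for octet in "$@"; do
            [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
        done
    )
}

# build_rules LAN_SERVER REMOTE_HOST WAN_IF: emit iptables commands on stdout.
build_rules() {
    lan=$1 remote=$2 wan=$3
    is_ipv4 "$lan" && is_ipv4 "$remote" || { echo "bad address" >&2; return 2; }
    case "$wan" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 2 ;;
    esac
    # Forwarded traffic traverses FORWARD, not INPUT/OUTPUT on the firewall.
    # 1: server may open connections to the remote host via the WAN interface.
    # 2: only replies to those connections are let back in.
    # 3: source NAT for this one flow, not for everything leaving the box.
    cat <<EOF
iptables -A FORWARD -s $lan -d $remote -o $wan -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s $remote -d $lan -i $wan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $lan -d $remote -o $wan -j MASQUERADE
EOF
}

# Dry run with constructed values (RFC 1918 / RFC 5737 addresses).
build_rules 192.168.1.10 203.0.113.25 eth0
```

Check the printed commands against the existing chain order before running them as root on the firewall: `-A` appends, so an earlier DROP or REJECT rule in FORWARD still takes precedence.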