I have got some way with setting up iptables for firewalling and NAT
for my LAN. I have read most of the howtos, faqs and example iptables
setup scripts but I am now stuck!
I have set up iptables like this:
IPT="/sbin/iptables -v" # Location of iptables binary plus
LAN_IF=eth0 # LAN interface
WAN_IF=ppp0 # WAN interface
LAN_IP=192.168.0.0/8 # LAN IP addresses
WAN_IP=staticipaddress # WAN IP address
# Change source IP address of Internet traffic before forwarding.
$IPT -t nat -A POSTROUTING -o $WAN_IF -j SNAT --to-source $WAN_IP
# Activate forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
This works in that I can access the Internet from another machine on
the LAN (also news and ping). However it _doesn't_ work as expected in
New (i.e. opened after running the iptables script) ssh sessions
connections fail to connect, but old ones continue to work OK.
However smb works fine, even if Samba is restarted after running the
I thought that entries in the POSTROUTING table only acted on packets
that were on their way out of the box. Any explanations and
suggestions for getting ssh to work would be welcome.