[LAD] [ot] - NEED some security advise PLEASE! + new question

Jörn Nettingsmeier nettings at folkwang-hochschule.de
Sun Feb 15 11:46:55 UTC 2009


Luis Garrido wrote:
>> I need to set up a machine as a router. One side is
>> a fixed public IP address, the other side is a local
>> net using 192.168.1.x. I want to give internet access
>> to the machines on the local net, so this requires
>> (AFAIK) NAT. Does anyone have a pointer to a good tutorial
>> about how to do this?
>>
> 
> Google the words 'iptables' and 'masquerade', piece of cake.

masquerade only works from the inside to the world.
for remote access to inside hosts, you need port forwarding (or "DNAT",
destination nat, in iptables lingo).

problem is, when you have, say, 16 hosts for which you want to open ssh
access, you need 16 ports on the router. gets nasty real quick.
what i usually did was to say "port 22000 is the base port for ssh, add
the last quad of the internal ip address of the host you want to reach"
and forward accordingly. same for any other services you might want.
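
The "base port plus last quad" scheme described above, written out as a rule generator. This is an added example, not part of the original post: the WAN interface name `eth0`, the function names, the sample hosts and the assumption that the FORWARD chain otherwise drops new inbound connections are all illustrative. It prints the iptables commands instead of running them so the rule set can be reviewed first.

```shell
#!/bin/sh
# Added example: emit iptables rules for the "22000 + last quad" ssh scheme.
# Assumptions (not from the post): WAN interface eth0, LAN is a /24.
BASE_PORT=22000        # base port for ssh named in the post
LAN_PREFIX=192.168.1   # local net from the original question

# Print the external port for one internal host; fail on anything that is
# not a usable host address on the local net.
forward_port() {
    last=${1#"$LAN_PREFIX".}
    case $last in
        # empty, leading zero (would be read as octal), non-digit, too long
        ''|0*|*[!0-9]*|????*)
            echo "not a host on $LAN_PREFIX.x: $1" >&2; return 1 ;;
    esac
    [ "$last" -le 254 ] || { echo "last quad out of range: $1" >&2; return 1; }
    echo $((BASE_PORT + last))
}

# Usage: emit_rules WAN_IF HOST_IP...
emit_rules() {
    wan=$1; shift
    # Validate every host first so a typo never yields a partial rule set.
    for ip in "$@"; do
        forward_port "$ip" >/dev/null || return 1
    done
    # Inside-to-world traffic: the masquerade half of the thread.
    echo "iptables -t nat -A POSTROUTING -o $wan -s $LAN_PREFIX.0/24 -j MASQUERADE"
    for ip in "$@"; do
        port=$(forward_port "$ip")
        # World-to-inside: rewrite router:port to host:22 (DNAT).
        echo "iptables -t nat -A PREROUTING -i $wan -p tcp --dport $port -j DNAT --to-destination $ip:22"
        # After DNAT the packet is addressed to host:22; let it through FORWARD.
        echo "iptables -A FORWARD -i $wan -p tcp -d $ip --dport 22 -j ACCEPT"
    done
}

# Constructed sample hosts: reachable as router:22016 and router:22042.
emit_rules eth0 192.168.1.16 192.168.1.42
```

With this mapping a remote user reaches 192.168.1.16 with `ssh -p 22016` against the router's public address.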




