Re: [LAD] [ot] - NEED some security advise PLEASE! + new question

From: Jörn Nettingsmeier <nettings@email-addr-hidden-hochschule.de>
Date: Sun Feb 15 2009 - 13:46:55 EET

Luis Garrido wrote:
>> I need to set up a machine as a router. One side is
>> a fixed public IP address, the other side is a local
>> net using 192.168.1.x. I want to give internet access
>> to the machines on the local net, so this requires
>> (AFAIK) NAT. Anyone has a pointer to a good tutorial
>> about how to do this ?
>>
>
> Google the words 'iptables' and 'masquerade', piece of cake.

masquerade only works from the inside to the world.
for remote access to inside hosts, you need port forwarding (or "DNAT",
destination nat, in iptables lingo).

problem is, when you have, say, 16 hosts for which you want to open ssh
access, you need 16 ports on the router. gets nasty real quick.
what i usually did was to say "port 22000 is the base port for ssh, add
the last quad of the internal ip address of the host you want to reach"
and forward accordingly. same for any other services you might want.

_______________________________________________
Linux-audio-dev mailing list
Linux-audio-dev@email-addr-hidden
http://lists.linuxaudio.org/mailman/listinfo/linux-audio-dev
Received on Sun Feb 15 16:15:04 2009

This archive was generated by hypermail 2.1.8 : Sun Feb 15 2009 - 16:15:05 EET