IP Masquerading and network cards

ginganinja472

New Member
Joined
Oct 6, 2020
Messages
2
Reaction score
0
Credits
29
Hi. I am a second year information systems student. I got an exercise from my university but i am struggling to understand how to complete it, and with covid and not having in person teaching (and tutors and lecturers who dont respond) its taking its toll. I will attach the question as an image.

I need to allow specific traffic on a specified card, with a specified address. All of the filtering requirements for c i understand how to do. eg sudo iptables -A INPUT -j ACCEPT -m conntrack --ctstate ESTABLISHED,RELATED but i am unsure of how to apply a rule like this to "incoming traffic from the internet". I understand it has to do with the network cards. I have seen lots of things add the " -i eth0" part to specify incoming traffic to eth0 (the external card) but how to i specify that the address of the external card is 192.51.100.42 ? i also thought to add something like " -d 192.51.100.42" which i think means allow all established connection traffic where the destination is 192.51.100.42 (my external card). Which of these satisfy the question, if any? How would i go about accomplishing the questions b and c? Any help will be appreciated.
Screenshot (43).png
 


f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
3,893
Reaction score
2,633
Credits
28,122
I think this should help you understand it better.
 
OP
G

ginganinja472

New Member
Joined
Oct 6, 2020
Messages
2
Reaction score
0
Credits
29
I think this should help you understand it better.
Hi. This is a great link and very helpful! see right in the beginning where it says

"The FORWARD policy allows an administrator to control where packets can be routed within a LAN. For example, to allow forwarding for the entire LAN (assuming the firewall/gateway is assigned an internal IP address on eth1), the following rules can be set:"

it assumes the firewall is assigned an internal ip address on eth1. this is the part im having trouble with. How do i assign the internal and external ip addresses? any clue?
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
3,893
Reaction score
2,633
Credits
28,122
Hi. This is a great link and very helpful! see right in the beginning where it says

"The FORWARD policy allows an administrator to control where packets can be routed within a LAN. For example, to allow forwarding for the entire LAN (assuming the firewall/gateway is assigned an internal IP address on eth1), the following rules can be set:"

it assumes the firewall is assigned an internal ip address on eth1. this is the part im having trouble with. How do i assign the internal and external ip addresses? any clue?
You have to configure the network interface(s) with an ip, this will depend on how the distribution has setup networking.
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Staff online

Members online


Top