iptables INVALID use case

This article describes a use case for the iptables INVALID state. LAN 192.168.0.0/24 is connected to the gateway 192.168.0.1 on eth1. The VPN server 192.168.0.100 offers VPN services on network 10.0.0.0/24; for example, a client will have the address 10.0.0.237. The VPN server has two interfaces, 192.168.0.100 and 10.0.0.1, and forwarding is enabled. All routes are maintained ONLY on the …

iptables FORWARD with and without NAT

Simple forward from network 192.168.0.0/24 to network 172.16.0.0/24. Gateway: 192.168.0.1 and 172.16.0.1.

    iptables -A FORWARD -i eth1 -o eth0 -s 192.168.0.0/24 -d 172.16.0.0/24 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i eth0 -o eth1 -s 172.16.0.0/24 -d 192.168.0.0/24 -m state --state ESTABLISHED,RELATED -j ACCEPT

On the gateway, tcpdump will show:

    05:58:48.316239 IP 192.168.0.22 …