{"id":87003,"date":"2011-05-21T13:57:53","date_gmt":"2011-05-21T05:57:53","guid":{"rendered":"\/2011\/05\/21\/ubuntu_iptables.html"},"modified":"2011-05-21T13:57:53","modified_gmt":"2011-05-21T05:57:53","slug":"ubuntu_iptables","status":"publish","type":"post","link":"https:\/\/blog.zhenglei.net\/?p=87003","title":{"rendered":"VPS Ubuntu 10.10 config (4)  iptables"},"content":{"rendered":"<p>(1)&nbsp;&nbsp; Enable IP forwarding in linux&nbsp;&nbsp;&nbsp;&nbsp;<\/p>\n<pre><code>   echo 1 &gt; \/proc\/sys\/net\/ipv4\/ip_forward<\/code><\/pre>\n<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Set&nbsp; net.ipv4.ip_forward = 1 in&nbsp; \/etc\/sysctl.conf:<\/p>\n<p>&nbsp;<\/p>\n<p>(2)&nbsp; Enable NAT for the subnet of OpenVPN<\/p>\n<p>&nbsp;&nbsp; sudo iptables -t nat -A POSTROUTING -s 10.168.100.0\/24 -o eth0&nbsp; -j MASQUERADE<br \/>&nbsp;&nbsp; sudo iptables -t nat -A POSTROUTING -s 10.168.200.0\/24 -o eth0&nbsp; -j MASQUERADE<\/p>\n<p>&nbsp;<\/p>\n<p>(3) Keep iptables<\/p>\n<pre> sudo bash -c \"iptables-save &gt; \/etc\/iptables.rules\"<\/pre>\n<p>&nbsp;<\/p>\n<p>(4) Auto start on boot by add the following lines into \/etc\/network\/interfaces:<\/p>\n<pre><em>auto eth0<br \/>iface eth0 inet XXXX<br \/>  pre-up iptables-restore &lt; \/etc\/iptables.rules<\/em><br \/><\/pre>\n<pre>  <\/pre>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Setup basic iptabls of Ubuntu for OpenVPN <a href=\"https:\/\/blog.zhenglei.net\/?p=87003\">\u7ee7\u7eed\u9605\u8bfb <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,9],"tags":[88],"class_list":["post-87003","post","type-post","status-publish","format-standard","hentry","category-internet","category-vps","tag-ubuntu"],"_links":{"self":[{"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=\/wp\/v2\/posts\/87003","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=87003"}],"version-history":[{"count":0,"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=\/wp\/v2\/posts\/87003\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=87003"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=87003"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.zhenglei.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=87003"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}