Gentoo Forums

mrbrklyn
n00b
Joined: 05 Oct 2017
Posts: 8

Posted: Sat Oct 07, 2017 10:02 am    Post subject: iptables configuration

I want to ditch network manager and put in a static network config.

I set up things in /etc/conf.d/net

Now I need to put in a simple iptables command for masquerading and I don't see how it fits within the complex /etc/init.d/iptables configuration.

I have to create a rule and then save it, but I don't see where or docs on the form of the file.

/usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Also, I don't see how to turn on port forwarding.

charles17
Advocate
Joined: 02 Mar 2008
Posts: 2660

Posted: Sat Oct 07, 2017 11:37 am

Have you seen the iptables wiki article?
Then see https://www.systutorials.com/816/port-forwarding-using-iptables/

szatox
Veteran
Joined: 27 Aug 2013
Posts: 1764

Posted: Sat Oct 07, 2017 1:35 pm

IPv4 forwarding in runtime:
sysctl net.ipv4.conf.all.forwarding=1
IPv6 forwarding in runtime:
sysctl net.ipv6.conf.all.forwarding=1
To make it persistent, put params from those commands above into a config file you can find in /etc (so they will be loaded on every boot)

Gentoo comes with iptables service. It has a non-standard command "save", which dumps current rules to a file somewhere in /var/lib, and loads those rules back when the service starts, which makes a pretty nice and easy to use interface. You just set your rules manually, and once you're happy with them, you use 'service iptables save' to make them permanent.

pjp
Administrator
Joined: 16 Apr 2002
Posts: 18084

Posted: Sat Oct 07, 2017 3:01 pm

Moved from Other Things Gentoo to Networking & Security.
_________________
Those who know what's best for us must rise and save us from ourselves.

mrbrklyn
n00b
Joined: 05 Oct 2017
Posts: 8

Posted: Sat Oct 07, 2017 6:47 pm

charles17 wrote:
Have you seen the iptables wiki article?
Then see https://www.systutorials.com/816/port-forwarding-using-iptables/


That is not useful. I already know everything there. I need to set it up on boot with openrc and no Network Manager et al.

mrbrklyn
n00b
Joined: 05 Oct 2017
Posts: 8

Posted: Sat Oct 07, 2017 6:48 pm

szatox wrote:

To make it persistent, put params from those commands above into a config file you can find in /etc (so they will be loaded on every boot)



That is my question. How do I do that?

mrbrklyn
n00b
Joined: 05 Oct 2017
Posts: 8

Posted: Sat Oct 07, 2017 6:51 pm

szatox wrote:
IPv4 forwarding in runtime:
sysctl net.ipv4.conf.all.forwarding=1
IPv6 forwarding in runtime:
sysctl net.ipv6.conf.all.forwarding=1
To make it persistent, put params from those commands above into a config file you can find in /etc (so they will be loaded on every boot)

Gentoo comes with iptables service. It has a non-standard command "save", which dumps current rules to a file somewhere in /var/lib, and loads those rules back when the service starts, which makes a pretty nice and easy to use interface. You just set your rules manually, and once you're happy with them, you use 'service iptables save' to make them permanent.


Oh. I was wondering because there are a bunch of files in that subdirectory that seem to need entries.

Hu
Moderator
Joined: 06 Mar 2007
Posts: 14180

Posted: Sat Oct 07, 2017 11:25 pm

The persistent sysctl file szatox hinted at has a very subtle name: /etc/sysctl.conf. Put the settings there. Ensure that rc service sysctl is in the boot runlevel. That will enable IP packet forwarding for IPv4/IPv6, as appropriate. Separately, you may need iptables rules if the forwarded traffic needs to be rewritten.
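
Added example (not part of any post in this thread, and not Gentoo's own tooling): the steps from szatox's and Hu's replies collected into one POSIX sh script, with an idempotent edit of /etc/sysctl.conf so repeated runs do not pile up duplicate lines. The function names, the WAN_IF variable and its eth0 default (taken from the rule in the first post) are assumptions for illustration.

```shell
#!/bin/sh
# Added example: persistent forwarding + masquerading on Gentoo/OpenRC.

# Set KEY = VALUE in a sysctl.conf-style file: rewrite an existing active
# line for KEY, otherwise append one. Commented-out lines are left alone.
set_sysctl_key() {
    file=$1 key=$2 value=$3
    # Escape the dots so the key is matched literally by the regex.
    pat=$(printf '%s' "$key" | sed 's/\./\\./g')
    if grep -Eq "^[[:space:]]*${pat}[[:space:]]*=" "$file" 2>/dev/null; then
        sed -E "s|^[[:space:]]*${pat}[[:space:]]*=.*|${key} = ${value}|" \
            "$file" > "$file.tmp" && mv "$file.tmp" "$file"
    else
        printf '%s = %s\n' "$key" "$value" >> "$file"
    fi
}

# Print the effective (last active) value of KEY in the file, if any.
get_sysctl_key() {
    pat=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -En "s|^[[:space:]]*${pat}[[:space:]]*=[[:space:]]*(.*)|\1|p" "$1" |
        tail -n 1
}

# Root-only steps from the thread (IPv4 shown; the IPv6 key works the same way).
apply_router_config() {
    wan_if=${WAN_IF:-eth0}   # assumed name of the outbound interface
    set_sysctl_key /etc/sysctl.conf net.ipv4.conf.all.forwarding 1
    rc-update add sysctl boot               # load /etc/sysctl.conf at boot
    sysctl net.ipv4.conf.all.forwarding=1   # apply now, without a reboot
    # -C checks for the rule first, so re-running does not add it twice.
    iptables -t nat -C POSTROUTING -o "$wan_if" -j MASQUERADE 2>/dev/null ||
        iptables -t nat -A POSTROUTING -o "$wan_if" -j MASQUERADE
    rc-service iptables save                # dump the live rules to disk
    rc-update add iptables default          # restore them on every boot
}

# The privileged part runs only on request: sh router.sh apply
if [ "${1:-}" = "apply" ]; then apply_router_config; fi
```

With forwarding on, the host routes between all of its interfaces, so review the FORWARD chain (iptables -S FORWARD) before saving, because the saved rule set is what the service restores at boot.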