HPE Community
Operating System - Linux
1829742 Members
1293 Online
109992 Solutions
New Discussion

Re: Red Hat 7.2

 
SOLVED
Go to solution
manny_9
Frequent Advisor

‎11-18-2003 12:18 PM

‎11-18-2003 12:18 PM

Red Hat 7.2

question from Linux newbie.
We have server which performs two functions that we know of....email and internet gateway.

I don't know much about NAT.
What and Where would I look at, to find out out if this box is performing NAT??

Thanks In Advance
Fred
0 Kudos
Reply
9 REPLIES 9
K.C. Chan
Trusted Contributor

‎11-18-2003 12:23 PM

‎11-18-2003 12:23 PM

Solution

Re: Red Hat 7.2

Most likely it is using ipchains or iptables to NAT, I think it is the later; you can find out by doing iptables -L, this should list the all policy and rulesets. I would suggest you read on iptables, sorry at the moment I drawing blanks on url for iptables documents.
Reputation of a thousand years can be determined by the conduct of an hour
Reply
Steven E. Protter
Exalted Contributor

‎11-18-2003 12:57 PM

‎11-18-2003 12:57 PM

Re: Red Hat 7.2

I'm uploading a iptables configuration file that does NAT among other things.

The IP addresses have been changed to protect the innocent.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Ragu_1
Regular Advisor

‎11-18-2003 02:26 PM

‎11-18-2003 02:26 PM

Re: Red Hat 7.2

Redhat 7.2 comes with an older Linux kernel that does not support iptables. Maybe you should start out with reading this excellent tutorial on IPTables first, http://www.linuxsecurity.com/resource_files/firewalls/IPTables-Tutorial/iptables-tutorial.html before you deploy your firewall using NAT.
Share and share alike
Reply
Stuart Browne
Honored Contributor

‎11-18-2003 02:58 PM

‎11-18-2003 02:58 PM

Re: Red Hat 7.2

Atually RH7.2 was the second in the series to support tables.

It uses ipchains by default, however, and thus you need to issue the following commands to make use of iptables:

service ipchains stop
rmmod ipchains
chkconfig --level 0123456 ipchains off
chkconfig --level 2345 iptables on
service iptables start

This will do most of the legwork for you.

After that , 'iptables -t nat' is your friend. DNAT, SNAT, REDIRECTS, or even MASQUERADE's.
One long-haired git at your service...
Reply
manny_9
Frequent Advisor

‎11-19-2003 11:40 AM

‎11-19-2003 11:40 AM

Re: Red Hat 7.2

Thanks to everyone who responded! BIG HELP!!

I now have somewhat of a clue.
When i did iptables -L i found out that iptables is really doing NAT.
Is there anything else that would work in conjunction with iptables? What/where should i check to find out exactly what this box is doing. We are in the process of building a new one.
0 Kudos
Reply
manny_9
Frequent Advisor

‎11-19-2003 10:44 PM

‎11-19-2003 10:44 PM

Re: Red Hat 7.2

Anyone???
0 Kudos
Reply
Alexander Chuzhoy
Honored Contributor

‎11-19-2003 11:20 PM

‎11-19-2003 11:20 PM

Re: Red Hat 7.2

Hi. Running "netstat" with it various options will show on what ports your server is listening-what services are running.
Iptables is widely used for the following:
* build internet firewalls based on stateless and stateful packet filtering
* use NAT and masquerading for sharing internet access where you don't have enough addresses
*use NAT for implementing transparent proxies
* aid the tc+iproute2 system used to build sophisticated QoS routers
* do further packet manipulation (mangling) like altering the TOS field of the IP header


For more information:
www.iptables.org
Reply
Alexander Chuzhoy
Honored Contributor

‎11-19-2003 11:30 PM

‎11-19-2003 11:30 PM

Re: Red Hat 7.2

Forgot to mention:
service --status-all |grep running 2> /dev/zero
will output all running sevrices
Best regards
Reply
Jerome Henry
Honored Contributor

‎11-20-2003 12:12 AM

‎11-20-2003 12:12 AM

Re: Red Hat 7.2

Another valuable tool for nating and controling in/out transit is squid.
http://www.squid-cache.org

hth

J
You can lean only on what resists you...
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.