0

I have a machine that I want to use as a gateway between the router.

For example:

  1. Several machines on the network want to access www.google.com, let's say
  2. Send their requests to me
  3. I send them to my router
  4. Receive responses from my router
  5. Send them back to clients

How can I do that in a Unix environment (using iptables perhaps)?

Panayiotis

2 Answers

2

You're going to want to enable IP forwarding, and then either set up your route tables or use iptables for NAT'ing. Here is information on how to set up NAT'ing:

  • echo 1 > /proc/sys/net/ipv4/ip_forward

  • Edit /etc/sysctl.conf and change the line that says net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1

  • /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    /sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
    /sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

I believe you can just drop the MASQUERADE line if you want forwarding and no NAT.

Other than your specific example of an HTTP request, the rest of your details indicate you want an actual gateway, and not just a proxy.

leepfrog
Rapzid
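Added example, not part of the answer above: the same three rules emitted as an iptables-restore ruleset, with the FORWARD policy set to DROP so that only the two listed directions are forwarded. The function names are hypothetical, `-m conntrack --ctstate` stands in for the older `-m state --state`, and leaving the INPUT and OUTPUT policies at ACCEPT is an assumption of this sketch.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a NAT gateway.
# Interface names are arguments (the answer uses eth0 = router side,
# eth1 = client side). Nothing is applied by this script.

# valid_ifname NAME: accept only 1-15 characters from a safe set, so a
# name cannot smuggle whitespace or extra iptables options into a rule.
valid_ifname() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# gateway_ruleset WAN LAN: print the ruleset, or fail with status 1.
gateway_ruleset() {
    wan=$1 lan=$2
    valid_ifname "$wan" && valid_ifname "$lan" || return 1
    [ "$wan" != "$lan" ] || return 1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $wan -o $lan -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i $lan -o $wan -j ACCEPT
COMMIT
EOF
}

# Syntax-check as root before loading for real:
#   gateway_ruleset eth0 eth1 | iptables-restore --test
# Loading without --noflush replaces the existing nat and filter tables.
```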
1

It seems to me you need to run an HTTP proxy server like Squid. You have two options:

  1. Configure the clients' browsers on all machines to use this proxy server. In this case all requests will be sent by them directly to the proxy server, which will send the request to the real server and send the reply back to them.
  2. Redirect all outgoing HTTP requests transparently to the proxy server using iptables on the clients' gateway.
Khaled