View Single Post
Old 18th September 2006, 10:21
Morons Morons is offline
Senior Member
Join Date: Aug 2006
Posts: 199
Thanks: 8
Thanked 15 Times in 7 Posts
Default GW via SNAT and NOT MASq

I did find it, It is an MOD and this shoeld only be done if you know yr stuff. I do not like this, althow clearly the intended method by the author, It is messy and non-elegant. I would of liked to see an setting in the bastille-firewall.cfg file asking to SNAT or MASq

vi /sbin/bastille-netfilter or edit /sbin/bastille-netfilter
remark the line Around line 390-391
# ${IPTABLES} -t nat -A POSTROUTING -s ${net} -o ${pub} -j MASQUERADE
# ${IPTABLES} -A FORWARD -s ${net} -o ${pub} -j ACCEPT
Around line 397 Remove the # (uncomment it)

What is great is that the DEFAULT_GW_IFACE is self-detected and come from your interface set-up.

Last edited by Morons; 18th September 2006 at 10:30.
Reply With Quote