Thanks so much for this video! I've been combing through articles and forum posts all day and getting really confused but your procedure was just what I was looking for.
@echo_helloworld6 жыл бұрын
Nice Video . This video help me a lot to understand the nat concept practically. Thank you so much.
@rapideye859 ай бұрын
Thank you very much. You see these commands everywhere on the net but it was diffcult to grasp. This will allow me to be able configure Fedora and get that going as a gateway. The benefit of doing this will be getting my DENY ACL list to accept a large amount of IPs and masks - Some firewall companies limit the amount of address or address objects you can configure which is bad for people like me who host their own stuff and are trying to mitigate DDoS without any restriction, but also without being forced to use pFSense or other solutions I don't need. I just want to stay within the Linux stack and be able to quickly block and edit ranges without any confines.
@pajeetsingh8 ай бұрын
Good job brother. Self reliance.
@2kcars5076 жыл бұрын
A burnt-out power supply on your router? No problem! Just use this one neat trick to turn your (dual-nic) linux box into a router! Great video.
@forresthopkinsa Жыл бұрын
Why use firewalld instead of iptables directly? And why aren't you explaining what these rules are actually doing?
@rapideye859 ай бұрын
In CentOS and Fedora / RHEL - firewalld is enabled by default and is the recommended way to configure these types of things. If you want to use iptables you may but you must disable firewalld first.
@mirsahib596 Жыл бұрын
what is the difference between using nat masquerade through iptable vs firewall-cmd
@rapideye859 ай бұрын
Mainly just syntax but firewalld is a bit more easier once you get used to it. You can easily move interfaces in and out of zones which eases configuration. I believe firewalld is merely a wrapper anyways so it does some of the work for you .
@shrek14123 жыл бұрын
can we do same configuration with iptables command?
@pimm19755 жыл бұрын
I put it use great explanation, thanks for sharing.
@jdkillian19655 ай бұрын
Will this also work if I have a dhcp server configured and running or is it a different process?
@NetSecProf5 ай бұрын
NAT is a separate process. You can run a DHCP server on the same machine if you want. The restrictions for the DHCP server is that the IP address associated with the DHCP service should be static and the DHCP service should have a pool of addresses you assign to the internal subnet.
@jdkillian19655 ай бұрын
@@NetSecProf so basically install and configure the dhcp for the internal network and the process should work the same without any further configurations?
@NetSecProf5 ай бұрын
@@jdkillian1965 Yes, basically. If you also have DNS for any internal services, you might need to either configure multiple views or configure a destination NAT that loops to internal addresses.
@marcodeoliveira23134 жыл бұрын
Nice video. Helps me a lot!
@AxelWerner4 жыл бұрын
That was nice while we had native IPv4 networks and Addresses. Meanwhile the cheap arse ISPs only offer IPv6 (DS lite) internet connections and often do not allow to keep controll over your private LAN and therefor private IP address configuration. they often "dictate" how to connect your devices and what IPv6 addresses to use, without asking. THIS SUCKS! So we need to get back controll over our LAN. just like with IPv4 once. so how to do that? how to do IPv6 Masquerading/NATv6, routing, firewalling, dhcp, dns with IPv6 on the home network with cheap IPv6 only ISP ?
@forresthopkinsa Жыл бұрын
You can still NAT over IPv6 if you really want to, it's basically the same