Carlos Aguni

Highly motivated self-taught IT analyst. Always learning and ready to explore new skills. An eternal apprentice.


Bastion network

15 Oct 2022

https://serverfault.com/questions/864760/iptables-bastion-network-with-acces-to-internet-how-to-set-up-rules

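# Enable IPv4 forwarding so the bastion routes between its interfaces
# (sysctl -w is not persistent across reboots)
sysctl -w net.ipv4.ip_forward=1

export internet=enp2s0   # interface facing the internet
export internal=enp3s0   # interface facing the internal network

# Forward everything leaving via the internet interface and accept replies arriving on it
iptables -A FORWARD -o "$internet" -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -i "$internet" -j ACCEPT
# Source-NAT traffic leaving via the internet interface
iptables -t nat -A POSTROUTING -o "$internet" -j MASQUERADE
# Same three rules for the internal side. Note: this ACCEPT also matches new
# connections coming from $internet, so together with the first rule forwarding
# between the two interfaces is accepted in both directions regardless of state
iptables -A FORWARD -o "$internal" -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -i "$internal" -j ACCEPT
iptables -t nat -A POSTROUTING -o "$internal" -j MASQUERADE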