I'm following a tutorial on setting up a dns-tunnel.
I've run into the following instruction:
Now you need to enable forwarding on this server. I use iptables to implement masquerading. There are many HOWTOs about this (a simple one, for example). On Debian, the configuration file for iptables is in /var/lib/iptables/active. The relevant bit is:
*nat
:PREROUTING ACCEPT [6:1596]
:POSTROUTING ACCEPT [1:76]
:OUTPUT ACCEPT [1:76]
-A POSTROUTING -s 10.0.0.0/8 -j MASQUERADE
COMMIT
Restart iptables:
/etc/init.d/iptables restart
The problem is that I don't have any /var/lib/iptables/active. (I'm on Ubuntu.)
How can I accomplish this? I suspect that I should just interact with the iptables command somehow but I have no clue what to write. Best would probably be if I could put the commands in a script somehow I suppose.
(A side-note. If I execute a few iptables commands it won't be there forever, right? The rules will be discarded on reboot?)
Use the following command:
If you want it to be applied every time the system boots, the easiest way will be to put it in the file /etc/rc.local before the exit 0 line.
Best of luck,
João Miguel Neves
For what it's worth, there's no /var/lib/iptables/active on my Debian system, so I'm guessing this guide/howto is out of date a little bit.
I'm not even really sure what to make of:
*nat
:PREROUTING ACCEPT [6:1596]
:POSTROUTING ACCEPT [1:76]
:OUTPUT ACCEPT [1:76]
I'm guessing it's either the default rules for the chains or specifying you should allow ports 6 to 1596, etc.
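Added example (not from the tutorial or from any answer on this page): the block the tutorial quotes is in iptables-save format, where "*nat" names the table, each ":CHAIN POLICY [packets:bytes]" line gives a chain's default policy plus its counters, and "-A" lines are rules. The helper name save_to_commands is hypothetical; it turns such a file into the equivalent iptables commands that could go in a script.

```shell
#!/bin/sh
# Added example: translate iptables-save format (stdin) into the equivalent
# iptables commands (stdout). It only prints commands; it runs none of them.
save_to_commands() {
    table=""
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) continue ;;                   # blank line or comment
            '*'*)    table=${line#\*}; continue ;; # "*nat" selects the table
            COMMIT)  table=""; continue ;;         # end of this table
        esac
        if [ -z "$table" ]; then
            echo "line outside a table: $line" >&2
            return 1
        fi
        case "$line" in
            ':'*)
                # ":CHAIN POLICY [packets:bytes]": the bracketed pair holds
                # the chain's packet and byte counters and is dropped here.
                rest=${line#:}
                chain=${rest%% *}
                rest=${rest#* }
                policy=${rest%% *}
                if [ "$policy" = "-" ]; then
                    echo "iptables -t $table -N $chain"   # user-defined chain
                else
                    echo "iptables -t $table -P $chain $policy"
                fi ;;
            -*) echo "iptables -t $table $line" ;;        # rule, passed through
            *)  echo "unrecognised line: $line" >&2
                return 1 ;;
        esac
    done
}

# The ruleset quoted in the question, used as sample input.
sample_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [6:1596]
:POSTROUTING ACCEPT [1:76]
:OUTPUT ACCEPT [1:76]
-A POSTROUTING -s 10.0.0.0/8 -j MASQUERADE
COMMIT
EOF
}

sample_rules | save_to_commands
```

The printed commands need root to run, and masquerading only forwards traffic once IP forwarding is on (sysctl -w net.ipv4.ip_forward=1). Feeding the same text to iptables-restore loads it in one step instead.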
You may find it simpler to install Shorewall and let it manage the iptables for you. It is packaged for Debian and well documented.
there is a package that contains a system service to restore
put rules in /etc/iptables/rules.
one way to do this is: