Thursday, April 7, 2011

Ubuntu ufw firewall using NAT

Posted by Andre Broers

Install ufw:
sudo apt-get install ufw

In the file /etc/default/ufw, change the parameter DEFAULT_FORWARD_POLICY to ACCEPT, so that ufw forwards routed traffic by default:

DEFAULT_FORWARD_POLICY="ACCEPT"

Also configure /etc/ufw/sysctl.conf to allow forwarding (the parameter is commented out by default):

net.ipv4.ip_forward=1

The final step is to add NAT to ufw’s configuration. Add the following to /etc/ufw/before.rules just after the header:
# nat Table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Forward traffic through ppp0 - Change to match your out-interface
-A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
# don't delete the 'COMMIT' line or these nat table rules won't
# be processed
COMMIT

Enable the changes
sudo ufw disable && sudo ufw enable
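
To confirm that all three edits are in place, and that the MASQUERADE rule stays limited to one source network and one out-interface as in the rule above, the following added example (not part of the original post) audits the files. The function names and the ROOT prefix are assumptions, and the sample tree is constructed.

```shell
#!/bin/sh
# Added example, not from the original post: audit the three files edited above.
# The ROOT prefix and all function names are assumptions of this sketch.

# True if FILE has an uncommented KEY=VALUE line (KEY is a regex, quotes optional).
has_setting() {
    grep -Eq "^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"?$3\"?[[:space:]]*$" "$1"
}

# True if FILE has a *nat table, closed by its own COMMIT, whose POSTROUTING
# MASQUERADE rule is limited to a source network (-s) and an out-interface (-o).
nat_block_ok() {
    awk '
        $1 ~ /^#/      { next }
        $1 ~ /^\*/     { table = substr($1, 2); next }
        $1 == "COMMIT" { if (table == "nat" && rule) ok = 1; table = ""; next }
        table == "nat" && /-A POSTROUTING/ && /-j MASQUERADE/ && / -s / && / -o / { rule = 1 }
        END { exit !ok }
    ' "$1"
}

# Run all three checks against ROOT (an empty ROOT means the live /etc).
check_ufw_nat() {
    root=${1:-}; rc=0
    has_setting "$root/etc/default/ufw" DEFAULT_FORWARD_POLICY ACCEPT \
        || { echo "DEFAULT_FORWARD_POLICY is not ACCEPT"; rc=1; }
    # The key may be written with dots or with slashes.
    has_setting "$root/etc/ufw/sysctl.conf" 'net[./]ipv4[./]ip_forward' 1 \
        || { echo "ip_forward is not enabled (still commented out?)"; rc=1; }
    nat_block_ok "$root/etc/ufw/before.rules" \
        || { echo "no committed, scoped MASQUERADE rule in the nat table"; rc=1; }
    return $rc
}

# Constructed sample tree holding the settings from this post.
make_sample() {
    mkdir -p "$1/etc/default" "$1/etc/ufw"
    echo 'DEFAULT_FORWARD_POLICY="ACCEPT"' > "$1/etc/default/ufw"
    echo 'net.ipv4.ip_forward=1' > "$1/etc/ufw/sysctl.conf"
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE' 'COMMIT' \
        '*filter' 'COMMIT' > "$1/etc/ufw/before.rules"
}

demo=$(mktemp -d) && make_sample "$demo" && check_ufw_nat "$demo" && echo "sample OK"
```

Calling check_ufw_nat with no argument audits the live /etc, which needs root because the ufw rule files are not world-readable.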

original: https://www.nowhere.dk/articles/tip_nat_with_ubuntus_ufw_firewall
