View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004377 | Linux server software | CentOS | public | 2021-10-30 16:08 | 2022-11-23 11:51 |
| Reporter | DigitalMy | ||||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | assigned | Resolution | open | ||
| Summary | 0004377: Use CentOS 8 as router | ||||
| Description | yum -y install epel-release | ||||
| Tags | No tags attached. | ||||
|
|
yum -y install epel-release yum install p7zip yum -y install mc yum -y install iptables-services yum -y install iftop yum -y install htop |
|
|
sudo yum config-manager --add-repo https://repo.fortinet.com/repo/7.0/centos/8/os/x86_64/fortinet.repo sudo yum install forticlient cd /opt/forticlient sudo ./start-fortitray-launcher.sh |
|
|
route -n echo 1 > /proc/sys/net/ipv4/ip_forward mc /etc/sysctl.conf net.ipv4.ip_forward = 1 sysctl -w net.ipv4.ip_forward=1 systemctl start firewalld firewall-cmd –permanent –direct –passthrough ipv4 -t nat -I POSTROUTING -o vpn -j MASQUERADE -s 10.1.1.0/24 firewall-cmd –permanent –direct –passthrough ipv4 -t nat -I POSTROUTING -o vpn -j MASQUERADE -s 10.1.0.0/24 iptables -t nat -A POSTROUTING -o vpn -j MASQUERADE -s 10.1.1.0/24 iptables -t nat -A POSTROUTING -o vpn -j MASQUERADE -s 10.1.0.0/24 iptables -A FORWARD -i vpn -o enp0s3 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i enp0s3 -o vpn -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i enp0s3 -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT iptables -A OUTPUT -o enp0s3 -j ACCEPT iptables -A OUTPUT -o vpn -j ACCEPT iptables -L -v -n systemctl restart firewalld systemctl start iptables.service systemctl enable iptables.service mcedit /etc/iptables.sh > put there rules from above |
|
|
try: mcedit /etc/sysconfig/selinux SELINUX=disabled iptables -D INPUT -j REJECT s 0.0.0.0/0 iptables -S iptables -L -v -n There were two blockers, remove them: iptables -D INPUT 5 iptables -D FORWARD 1 iftop -i vpn -P |