Archive for the ‘security’ Category

Huawei administrator password ETB Bogotá

April 22, 2009 6 comments

user = Administrator  #With the first capital letter

pass = soporteETB2006

Or

Pass = soporteETB2007

They have worked for me many times to disable the modem firewall, change DNS servers and the NAT range.

Categories: networking, security

IPTABLES: how to do nat?

March 12, 2009

Network Address Translation, very useful for me.

You should have at least two network interfaces.

This example uses the MASQUERADE target, a form of source NAT (SNAT).

Kernel IP forwarding must be enabled before you begin setting up NAT rules.

To enable it on a Debian-based system (temporarily, until the next reboot):

# echo 1 > /proc/sys/net/ipv4/ip_forward

or, to make it permanent, add this line to the /etc/sysctl.conf file:

net.ipv4.ip_forward = 1

Accept connections through the FORWARD chain:

# iptables -P FORWARD ACCEPT

Then add the NAT rule (replace eth0 with the interface that has the internet connection):

# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Note: it is very important to have two different network ranges, and to know what the gateway on the clients will be. For example:
eth0 > dhcp from ISP
eth1 > 172.20.0.0 (NAT range)

To make the rule permanent, add this line to the /etc/rc.local script (again, replace eth0 with the interface that has the internet connection):

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

MANUAL CLIENT CONFIGURATION

Note: you can set up a DHCP server to make the job easier.

IP > 172.20.0.10 (inside the NAT range) ; this address could be different
Subnet Mask > 255.255.255.0 ; this address could be different
Gateway > 172.20.0.1 ; Linux NAT interface (in this case the eth1 address)

DNS servers > you can set public DNS addresses like OpenDNS, or internal ones. On the Linux machine with the NAT rules, type:

# cat /etc/resolv.conf

and use the DNS servers of the Linux system (this may be a router with another NAT range and a DNS server configured).

Tip! You can restrict any service on the network by adding rules like the INPUT ones to the FORWARD chain, with the prefix:

# iptables -A FORWARD ...
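
The tip above, worked through as an added example (not code from the original post): instead of `-P FORWARD ACCEPT`, this script prints rules that keep the FORWARD policy at DROP, forward only traffic from the NAT range out through the internet interface plus the replies to it, and masquerade only that range. The function names and the /24 prefix (taken from the 255.255.255.0 mask used for the clients) are assumptions of this example.

```sh
#!/bin/sh
# Added example, not from the original post. It only prints the commands;
# review them, then run them as root (for example by piping the output to sh).

# Interface names: 1-15 characters, no leading dash, no shell metacharacters.
valid_iface() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# IPv4 network in A.B.C.D/N form, octets 0-255, prefix length 0-32.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1##*/}
    case "$addr" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] 2>/dev/null || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# nat_rules WAN_IF LAN_IF LAN_NET: print the gateway rules, apply nothing.
nat_rules() {
    if ! valid_iface "$1" || ! valid_iface "$2" || [ "$1" = "$2" ]; then
        echo "nat_rules: need two different interface names" >&2; return 1
    fi
    if ! valid_cidr "$3"; then
        echo "nat_rules: bad LAN network '$3'" >&2; return 1
    fi
    cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $2 -o $1 -s $3 -j ACCEPT
iptables -t nat -A POSTROUTING -s $3 -o $1 -j MASQUERADE
EOF
}

# Layout from the post: eth0 = ISP side, eth1 = 172.20.0.0/24 clients.
nat_rules eth0 eth1 172.20.0.0/24
```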

Done.

IPTABLES: basic rules

March 12, 2009

Nowadays, it's very important to have a fully working firewall on your computer, or on any machine you put your hands on. I used to use Firestarter on my Debian-based system but, although it is very functional, I didn't like the way it applies the rules or manages the FORWARD and OUTPUT rules. To manage your firewall directly with iptables, you can read this and find out how in a simple way.

I suppose you already have iptables installed on your system.

Before setting up rules:

# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

General Rules:

# iptables -P INPUT DROP
# iptables -P FORWARD DROP
# iptables -P OUTPUT ACCEPT

Examples of rules (replace SERVER_ADDR with the server's address; --dport only works with a transport protocol such as tcp):

# iptables -A INPUT -d SERVER_ADDR -p tcp --dport 22 -j ACCEPT
# iptables -A INPUT -s 172.0.0.2 -d SERVER_ADDR -p icmp -j ACCEPT
# iptables -A INPUT -d SERVER_ADDR -p icmp -j DROP