How to configure NAT with iptables on a VPS.
Faheem 
Home, Linux 
enable NAT for iptables, enable NAT on vps, iptables NAT, NAT for iptables, vz NATNAT ( network-address-translation ) with iptables helps us in how to select the packets we want to mangle. We can easily configure NAT on a OpenVZ VPS by following the below steps.
Lets first consider a VPS in which NAT is not enabled. Trying to POSTROUTE from VPS throws you errors.
iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -o venet0 -j SNAT –to 111.140.170.134
or iptables -t nat -nvL
iptables v1.3.5: can’t initialize iptables table `nat’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
To Enable NAT :
* Login to Node server.
Check vzcinfiguration file to find whether NAT is enabled or not.
grep -i iptables /etc/vz/vz.conf
You will get
## IPv4 iptables kernel modules
IPTABLES=”ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length”
Add NAT to the configuration file.
vi /etc/vz/vz.conf
insert ‘iptable_nat’ on to the iptables modules.
## IPv4 iptables kernel modules
IPTABLES=”iptable_nat ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length”
Check NAT is loaded or not,
lsmod | grep nat
================================
[root@node ~]# lsmod | grep nat
iptable_nat 43404 3
ip_nat 53520 2 iptable_nat,vzrst
ip_conntrack 101396 6 iptable_nat,vzrst,ip_nat,vzcpt
nfnetlink 40392 2 ip_nat,ip_conntrack
ip_tables 57440 3 iptable_nat,iptable_mangle,iptable_filter
x_tables 52744 11 iptable_nat,xt_tcpudp,xt_length,ipt_ttl,xt_tcpmss,ipt_TCPMSS,xt_multiport,xt_limit,ipt_tos,ipt_REJECT,ip_tables================================
* Now save the paraments for the VPS to which NAT has to be enabled.
from node :
vzctl set VZID –iptables “iptable_nat iptable_filter iptable_mangle ip_conntrack ipt_conntrack ipt_REDIRECT ipt_REJECT ipt_multiport ipt_helper ipt_LOG ipt_state” –save
VZID is VPS ID, replace it with the correct one.
* Restart VPS
vzctl restart VZID
* Enter into the VPS
vzctl enter VZID
* Check for NAT
iptables -t nat -nvL
===================
[root@vz ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 2 packets, 88 bytes)
pkts bytes target prot opt in out source destinationChain POSTROUTING (policy ACCEPT 1 packets, 72 bytes)
pkts bytes target prot opt in out source destination
0 0 SNAT all – * venet0 10.9.0.0/24 0.0.0.0/0 to:111.140.170.134
0 0 SNAT all – * venet0 10.8.0.0/24 0.0.0.0/0 to:111.140.170.134
0 0 SNAT all – * venet0 10.9.0.0/24 0.0.0.0/0 to:111.140.170.134Chain OUTPUT (policy ACCEPT 1 packets, 72 bytes)
pkts bytes target prot opt in out source destination
===================
*Test whether you are able to postroute the packets on VPS.
iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -o venet0 -j SNAT –to 111.140.170.134
It should work.
4 Comments to “How to configure NAT with iptables on a VPS.”
Post comment
Follow us on Twitter!http://twitter.com/efheem
12MP administrator bash bashrc calculator camera cd/dvd cfs error change IP cPanel csf csf iptable csf vps DKIM dkim spam eject eject linux execution time exim fake orkut FTP ftp error hacking history IP iptable error Linux linux disc Notepad Tricks open source orkut phishing password private folder in windows pro-ftp pure-ftp recover password Red Hat reset administrator password samsung secret folder Teiid time of command time out error Windows windows tricks
WP Cumulus Flash tag cloud by Roy Tanck and Luke Morton requires Flash Player 9 or better.
Recent Posts
- lvreduce and lvextent a Linux partition, a quick “howto”!
- Fix Toshiba battery issue for Linux
- How to enable DKIM in cPanel server.
- Exim: remove mails in queue from a particular sender.E
- OpenVZ network down SIOCADDRT: Network is unreachable
- How to configure NAT with iptables on a VPS.
- How to disable gzip output on lightspeed server accounts
- Find Linux OS is 32 or 64bit.
- songbird! iTunes for Ubuntu
- How to Hide Text in Notepad !!
- How to transfer a cPanel account to DirectAdmin.
- System User Account in Windows XP !!
- Configure Windows XP to Automatically Login!
- How to change Linux root password temporarily.
- How to install winrar for Linux
Recent Comments
- Lukman on Fix Toshiba battery issue for Linux
- Tim on Fix Toshiba battery issue for Linux
- sarath on Fix Toshiba battery issue for Linux
- Nils on How to enable DKIM in cPanel server.
- Rajbir Singh Yadav on How to fix the FTP time out error .
[...] This post was mentioned on Twitter by techinterplay. techinterplay said: How to configure NAT with iptables on a VPS. – NAT ( network-address-translation ) with iptables helps us in… http://is.gd/b82Qy #linux [...]
Thank you very much. ^^
Well when i was thinking “this is it” my node thinks other way: “Bad parameter for -i : ptables”
Not even echo iptables, just like that -i : tables
I know is not much of a lead for troublesoot but any ideas?
the node is running proxmox 1.7
Thanks
well that was a problem with the “-” and “–” (double). Anyway i cant solve this. Got a iptables: Unknown error 18446744073709551615