Allow local traffic to access NAT with arno-iptables-firewall

Posted August 14th, 2012 in Blog, Operations, Virtualization by guzman

The Arno iptables firewall script that comes with Debian Squeeze is wonderful: it is very customizable and already supports many different scenarios, even some complex ones where the usual approach is to write the extra rules yourself.

But… there’s always a but. If you use NAT, the machines in your internal network won’t be able to access your public NAT services; they will get connection refused.

The problem is that, for this to work, arno would need to masquerade that traffic with a public IP and send it back to the internal machine.
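The rule set this implies, written out as plain iptables commands (an added example, not the patch this post refers to and not arno-iptables-firewall code). The addresses, the function name `hairpin_rules` and the choice to print the rules rather than apply them are assumptions made for illustration.

```shell
#!/bin/sh
# Print (do not apply) the iptables rules for NAT loopback ("hairpin NAT").
# Addresses are constructed documentation values, not taken from the post.
PUBLIC_IP="203.0.113.10"       # public address the NAT services listen on
INTERNAL_NET="192.168.1.0/24"  # LAN whose hosts must reach that address

# hairpin_rules PROTO PUBLIC_PORT INTERNAL_HOST INTERNAL_PORT
hairpin_rules() {
    proto=$1; pub_port=$2; host=$3; port=$4

    case "$proto" in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    for p in "$pub_port" "$port"; do
        case "$p" in
            ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done

    # 1. A LAN client connecting to the public IP is redirected to the
    #    internal server, like traffic arriving from outside.
    echo "iptables -t nat -A PREROUTING -s $INTERNAL_NET -d $PUBLIC_IP -p $proto --dport $pub_port -j DNAT --to-destination $host:$port"

    # 2. Rewrite the source as well. Without this the server answers the
    #    client directly over the LAN, the reply arrives from an address
    #    the client never contacted, and the connection fails.
    echo "iptables -t nat -A POSTROUTING -s $INTERNAL_NET -d $host -p $proto --dport $port -j SNAT --to-source $PUBLIC_IP"

    # 3. Let the redirected flow through the FORWARD chain. Replies are
    #    assumed to be covered by an existing ESTABLISHED,RELATED rule.
    echo "iptables -A FORWARD -s $INTERNAL_NET -d $host -p $proto --dport $port -j ACCEPT"
}

# Sample call: public port 80 forwarded to a constructed internal web server.
hairpin_rules tcp 80 192.168.1.20 8080
```

Review the printed rules before applying them, since rule 2 hides the real client address from the internal server's logs.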

Below is a patch to the latest Squeeze arno version (1.9.2.k-4) which does exactly that.
