This post gives a solution for internet access in your local area network. There are many ways to do this; here are two good solutions for internet access with security.
1. Through a proxy (with caching)
2. Without a proxy
There are proxy servers such as squid and winproxy for the first option.
Today I'll give you the solution for internet access without a proxy, from an Ubuntu server through iptables.
Run the command:
sudo ifconfig
to check the LAN and WAN interface names. In the rules below, eth0 is the WAN interface and eth1 is the LAN interface.
1. Delete Existing Rules
iptables -F (or) iptables --flush
2. Set Default Chain Policies
The default chain policy is ACCEPT. Change this to DROP for all INPUT, FORWARD, and OUTPUT chains as shown below. Run these from the console rather than over SSH, because a DROP policy on INPUT and OUTPUT with no accept rule for the session cuts it off.
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
When you set the default policy of both the INPUT and OUTPUT chains to DROP, you should define two rules for every firewall rule requirement you have, i.e. one for incoming and one for outgoing.
3. Allow Ping from Inside to Outside
The following rules allow you to ping from inside to any of the outside servers.
iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
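4. Set up IP Forwarding and Masquerading
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
# Replies come back in on eth0; with the FORWARD policy set to DROP they need their own rule
iptables --append FORWARD --in-interface eth0 --out-interface eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Enables packet forwarding by kernel
echo 1 > /proc/sys/net/ipv4/ip_forward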
5. Testing
# Ping the Gateway of the network from client system
ping 192.168.2.1
Try it on your client systems
ping google.com
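An added example, not part of the original post: a shell function that audits `iptables-save` output for the gateway built in steps 2 to 4, checking the DROP policies, the MASQUERADE rule and both directions of the FORWARD chain. The interface names eth0 and eth1 follow the post; the function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# audit_gateway WAN LAN: reads an iptables-save dump on stdin and prints one
# finding per line; prints nothing when the gateway rules are complete.
audit_gateway() {
  awk -v wan="$1" -v lan="$2" '
    /^\*/ { table = substr($1, 2) }                 # table header: *nat, *filter
    table == "filter" && /^:(INPUT|FORWARD|OUTPUT) / {
      if ($2 != "DROP") print "policy: " substr($1, 2) " is " $2 ", expected DROP"
    }
    table == "nat" && /^-A POSTROUTING/ && /-j MASQUERADE/ &&
      $0 ~ ("-o " wan "( |$)") { masq = 1 }
    table == "filter" && /^-A FORWARD/ && /-j ACCEPT/ {
      if ($0 ~ ("-i " lan "( |$)")) out = 1         # LAN to WAN direction
      if ($0 ~ ("-i " wan "( |$)")) {
        if (/(ESTABLISHED|RELATED)/) back = 1       # stateful return path
        if (!/(--state|--ctstate)/)
          print "forward: " wan " accepted without state match"
      }
    }
    END {
      if (!masq) print "nat: no MASQUERADE on " wan
      if (!out)  print "forward: no ACCEPT for traffic entering " lan
      if (!back) print "forward: no ESTABLISHED,RELATED return path from " wan
    }'
}

# Constructed sample dump: policies and NAT as in steps 2 and 4, with an
# optional extra FORWARD rule passed as $1.
sample_dump() {
  cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A FORWARD -i eth1 -j ACCEPT
$1
COMMIT
EOF
}

# Without a return rule, client replies arriving on eth0 hit the DROP policy.
sample_dump "" | audit_gateway eth0 eth1
```

On a live gateway, run it as root with `iptables-save | audit_gateway eth0 eth1`.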