Share internet via IPTABLES in Linux
How do you share an internet connection via iptables? You need
hardware (e.g. a workstation) with two network interface cards (NICs).
They may be wired or wireless; it doesn't matter.
You can see the names of your NICs with the "ip a" or "ifconfig" command.
For this example we name them "eth0" and "eth1":
- eth0 = the network adapter with internet (external or WAN).
- eth1 = the network adapter to which a second computer is attached (internal or LAN).
- 192.168.0.x = the IP subnet for eth1.
But first we need to enable packet forwarding in the operating system's kernel. Add this line to the bottom of the /etc/sysctl.conf file:
net.ipv4.ip_forward=1
Apply the changes without a reboot:
sudo sysctl -p
Now start the interface configuration.
Set a static IP address for your internal network interface card (eth1):
sudo ip addr add 192.168.0.1/24 dev eth1
It will be the gateway for your 192.168.0.1/24 network.
Configure iptables for NAT so that packets can be correctly routed through the gateway. Note that the third command below flushes any rules already present in the nat table's POSTROUTING chain:
sudo iptables -A FORWARD -o eth0 -i eth1 -s 192.168.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -t nat -F POSTROUTING
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
OK, now you can set up static addresses on the client machines.
For more details, see the documentation.
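To check the result of the steps above, the following added example (not part of the original article) audits `iptables-save` output for this gateway. The function and sample names are hypothetical, both dumps are constructed, and the tighter variant (FORWARD policy DROP, masquerading limited to the LAN subnet) is an assumption rather than something the article configures.

```shell
#!/bin/sh
# Added example: audit iptables-save output for the gateway set up above.
WAN=eth0; LAN=eth1; LAN_NET=192.168.0.0/24   # names and subnet from the article

# Reads an iptables-save dump on stdin; prints one finding per line.
audit_ruleset() {
    awk -v wan="$WAN" -v lan="$LAN" -v net="$LAN_NET" '
    /^\*/ { table = substr($0, 2) }                 # "*filter", "*nat", ...
    table == "filter" && $1 == ":FORWARD" { policy = $2 }
    table == "filter" && /^-A FORWARD / {
        if (index($0, "-s " net " ") && index($0, "-i " lan " ") &&
            index($0, "-o " wan " ")) lan_out = 1
        if ($0 ~ /--ctstate [A-Z,]*ESTABLISHED/) replies = 1
    }
    table == "nat" && /^-A POSTROUTING / && /-j MASQUERADE/ {
        masq = 1
        if (!index($0, "-s " net " ")) print "WARN masquerade-any-source: " $0
    }
    END {
        if (policy != "DROP") print "WARN forward-policy-" policy ": ACCEPT rules alone do not restrict forwarding"
        if (!lan_out) print "FAIL no-lan-to-wan-rule"
        if (!replies) print "FAIL no-established-related-rule"
        if (!masq)    print "FAIL no-masquerade-rule"
    }'
}

# Constructed dump: the article's rules on top of default ACCEPT policies.
sample_article() { cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -s 192.168.0.0/24 -i eth1 -o eth0 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
EOF
}

# Constructed dump of a tighter variant (an assumption, not from the article):
# FORWARD policy DROP and masquerading limited to the LAN subnet.
sample_tightened() {
    sample_article | sed -e 's/^:FORWARD ACCEPT/:FORWARD DROP/' \
        -e 's/^-A POSTROUTING -o/-A POSTROUTING -s 192.168.0.0\/24 -o/'
}

sample_article | audit_ruleset
```

On a live gateway, feed it real data with `sudo iptables-save | audit_ruleset`.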