05 Apr

Sharing an Internet Connection from A Linux System using IPTables

To setup internet connection sharing in Linux system using IPTables

Enable IP forwarding

Run as root

sysctl -w net.ipv4.ip_forward=1

To enable it in system startup, edit the file /etc/sysctl.conf and set

net.ipv4.ip_forward = 1

iptables

Run command as root

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
service iptables save

Configuration

The configuration should be like this

Router

Connected to the internet provider
IP : 192.168.1.1

Internet Connected System

eth0 (LAN Card 1)

Connected to router

  • IP : 192.168.1.10
  • Netmask : 255.255.255.0
  • Gateway : 192.168.1.1 (IP of the router)

eth1 (LAN Card 2)

Connected to the other system

  • IP : 192.168.0.20 (Not the same network as the first card)
  • Netmask : 255.255.255.0
  • Gateway : 192.168.1.1 (IP of the router)

Second System

LAN Card connected to the first system

  • IP : 192.168.0.30
  • Netmask : 255.255.255.0
  • Gateway : 192.168.0.20 (IP of the second Card in the first system)

Disclaimer

Linux networks is not a subject I am an expert on. So take my advice with a pinch of salt. The above procedure worked for me – so I am documenting it here so that I can reproduce it if I need it someday. YMMV.

This method can be used to share an internet connection from a Linux system(I used Fedora Core 6, but it should work on other distibutions that support iptables) to a Windows system. I used Windows XP.

Status

Some results of various commands are shown here. Check to see if it matches the result on your system.

# iptables -t nat -L POSTROUTING
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere
# cat /proc/sys/net/ipv4/ip_forward
1
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

[tags]linux,network,internet,connection,sharing,iptables,cli,command,fedora[/tags]

Leave a Reply

Your email address will not be published. Required fields are marked *