To setup internet connection sharing in Linux system using IPTables
Enable IP forwarding
Run as root
sysctl -w net.ipv4.ip_forward=1
To enable it in system startup, edit the file /etc/sysctl.conf and set
net.ipv4.ip_forward = 1
iptables
Run command as root
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
service iptables saveConfiguration
The configuration should be like this
Router
Connected to the internet provider
IP : 192.168.1.1
Internet Connected System
eth0 (LAN Card 1)
Connected to router
- IP : 192.168.1.10
- Netmask : 255.255.255.0
- Gateway : 192.168.1.1 (IP of the router)
eth1 (LAN Card 2)
Connected to the other system
- IP : 192.168.0.20 (Not the same network as the first card)
- Netmask : 255.255.255.0
- Gateway : 192.168.1.1 (IP of the router)
Second System
LAN Card connected to the first system
- IP : 192.168.0.30
- Netmask : 255.255.255.0
- Gateway : 192.168.0.20 (IP of the second Card in the first system)
Disclaimer
Linux networks is not a subject I am an expert on. So take my advice with a pinch of salt. The above procedure worked for me – so I am documenting it here so that I can reproduce it if I need it someday. YMMV.
This method can be used to share an internet connection from a Linux system(I used Fedora Core 6, but it should work on other distibutions that support iptables) to a Windows system. I used Windows XP.
Status
Some results of various commands are shown here. Check to see if it matches the result on your system.
# iptables -t nat -L POSTROUTING
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
# cat /proc/sys/net/ipv4/ip_forward
1# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[tags]linux,network,internet,connection,sharing,iptables,cli,command,fedora[/tags]
