I've read, tried and failed several times on this. At first I thought it might be a snap using the how-to tutorials scattered around the internet. But it turned out there is no general solution to this. The keywords are gateway, IP masquerade, and of course, Internet Connection Sharing on Linux.
Here's a working solution using Linux Mint 17.1 and the following configuration/setup:
- You have a cable/ADSL internet connection that needs to be shared with a closed network at home/office.
- A small server with 2 network cards, one connected to the cable/ADSL router/modem and one to the home/office network.
- The server has a working connection to the router/modem on one interface and to the internal network on the other (you can check this by pinging their respective addresses).
- Here's a sample ifconfig result from my server:
eth0 Link encap:Ethernet HWaddr xx:xx:e3:2f:dc:87
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::dafe:e3ff:fe2f:dc87/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:28325 errors:0 dropped:12 overruns:0 frame:0
TX packets:17926 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:24606975 (24.6 MB) TX bytes:2362173 (2.3 MB)
eth1 Link encap:Ethernet HWaddr xx:xx:a6:ee:88:66
inet addr:10.0.1.2 Bcast:10.0.1.255 Mask:255.255.255.0
inet6 addr: fe80::5604:a6ff:feee:8866/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:131 errors:0 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:23258 (23.2 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1331 errors:0 dropped:0 overruns:0 frame:0
TX packets:1331 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:123928 (123.9 KB) TX bytes:123928 (123.9 KB)
eth0 is for the internet connection and eth1 is for the intranet connection.
- Tested using Mint 17.1 MATE-64 as server and Mint 17.1 Cinnamon-64 as client
OK, in short, here's how to set it up.
On the server
- As administrator, create a script called ishare:
$ sudo vi /usr/local/bin/ishare
The WAN interface (eth0) in the script should be replaced with the name of your own network interface (the one connected to the internet).
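#!/bin/bash
# Load /etc/sysctl.conf first, then turn on IPv4 forwarding so the file cannot switch it back off
sysctl -p
sysctl -w net.ipv4.ip_forward=1
# Flush the rules, then delete user-defined chains (filter and nat tables)
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
# Accept packets that belong to connections which are already established
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# Rewrite the source address of everything leaving through the WAN interface
iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE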
- Save the above script to /usr/local/bin/ishare, then set the executable bit with the following command:
$ sudo chmod +x /usr/local/bin/ishare
If you want the script executed at every startup, you can register it in /etc/rc.local.
Open /etc/rc.local and, before the statement "exit 0", add the following line:
/usr/local/bin/ishare
I had a few notes on /etc/sysctl.conf, on whether to set net.ipv4.ip_forward=1 manually or let the script handle it. I'll update this after I retest it (I'm also planning to test it on a Zentyal server).
On the client, connect to the internal network on the same segment and set the IP manually within the IP range.
E.g. in my case, this is the setup:
ip: 10.0.1.20
subnet: 255.255.255.0
gateway: 10.0.1.2 # the server's internal IP address
dns: 8.8.8.8 # Google DNS
Be sure to check the original reference if you stumble upon trouble. Also, I haven't included any advanced firewall rules in it, so be advised.
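A stricter variant of the ishare rules, as an added example that is not part of the original post: it prints an iptables-restore ruleset that keeps the MASQUERADE rule but makes FORWARD default-deny, so only connections opened from the LAN side are routed. The function name gen_ics_rules, the file name ics-rules.sh and the 10.0.1.0/24 range (derived from the eth1 address above) are assumptions.

```shell
#!/bin/bash
# Added example, not the post's ishare script. Prints an iptables-restore
# ruleset; gen_ics_rules and the sample arguments are assumptions.
# Usage: ./ics-rules.sh eth0 eth1 10.0.1.0/24 | sudo iptables-restore
gen_ics_rules() {
    local wan="$1" lan="$2" lan_net="$3" v
    # Reject empty values and anything that could smuggle extra rule text
    for v in "$wan" "$lan"; do
        case "$v" in
            ''|*[!A-Za-z0-9._-]*) echo "bad interface name: '$v'" >&2; return 1 ;;
        esac
    done
    case "$lan_net" in
        ''|*[!0-9./]*) echo "bad LAN network: '$lan_net'" >&2; return 1 ;;
    esac
    if [ "$wan" = "$lan" ]; then
        echo "WAN and LAN interface must differ" >&2; return 1
    fi
    # INPUT stays at policy ACCEPT like the post's script; FORWARD becomes
    # default-deny, with replies and new LAN-to-WAN connections allowed.
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $lan_net -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i $lan -o $wan -s $lan_net -m state --state NEW -j ACCEPT
COMMIT
EOF
}
# Only emit rules when the script is called with the three arguments
if [ "$#" -eq 3 ]; then gen_ics_rules "$@"; fi
```

iptables-restore replaces the whole nat and filter tables, just as the flush commands in ishare do, and IPv4 forwarding still has to be enabled with sysctl as in the script above.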