Here's a working solution, tested on Linux Mint 17.1 with the following configuration/setup:
- You have a cable/ADSL internet connection that needs to be shared with a closed network at home/office.
- A small server with 2 network cards, one connected to the cable/ADSL router/modem and one to the home/office network.
- The server has a working connection to the router/modem on one interface and to the internal network on the other (you can verify this by pinging their respective addresses).
- Here's my sample ifconfig output from the server:
eth0      Link encap:Ethernet HWaddr xx:xx:e3:2f:dc:87
          inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
          inet6 addr: fe80::dafe:e3ff:fe2f:dc87/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:28325 errors:0 dropped:12 overruns:0 frame:0
          TX packets:17926 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:24606975 (24.6 MB) TX bytes:2362173 (2.3 MB)

eth1      Link encap:Ethernet HWaddr xx:xx:a6:ee:88:66
          inet addr:10.0.1.2 Bcast:10.0.1.255 Mask:255.255.255.0
          inet6 addr: fe80::5604:a6ff:feee:8866/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:131 errors:0 dropped:0 overruns:0 carrier:1
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B) TX bytes:23258 (23.2 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:65536 Metric:1
          RX packets:1331 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1331 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:123928 (123.9 KB) TX bytes:123928 (123.9 KB)

eth0 is for the internet connection and eth1 for the intranet connection.
- Tested using Mint 17.1 MATE-64 as server and Mint 17.1 Cinnamon-64 as client
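- Create a script as administrator called ishare:
$ sudo vi /usr/local/bin/ishare
The WAN interface (eth0) should be replaced with whichever of your network interfaces is connected to the internet.

#!/bin/bash
## Internet connection sharing script
# Enable IPv4 forwarding in the running kernel
sysctl -w net.ipv4.ip_forward=1
# Reload /etc/sysctl.conf (a net.ipv4.ip_forward=0 line there overrides the line above)
sysctl -p
# Flush all rules, then delete user-defined chains (filter and nat tables);
# chains must be empty before -X can remove them
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
# Accept packets that belong to already established connections
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# Masquerade (source-NAT) everything that leaves through the WAN interface
iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
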
- Save the above script to /usr/local/bin/ishare, then set the executable bit with the following command:
$ sudo chmod +x /usr/local/bin/ishare
If you want the script executed at every startup, you can register it in /etc/rc.local.
Open /etc/rc.local and, before the statement "exit 0", add the following line:
/usr/local/bin/ishare
Had a few notes on /etc/sysctl.conf, whether to set net.ipv4.ip_forward=1 manually or whether the script will handle it. I'll update it after I retest it (I'm also planning to test it on a Zentyal server).
e.g. in my case, this is the setup:
ip: 10.0.1.20
subnet: 255.255.255.0
gateway: 10.0.1.2 #using server's internal ip address
dns: 8.8.8.8 #using google dns
Be sure to check the original reference if you run into trouble. Also, I haven't included any advanced firewall rules in it, so be advised.
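
The ishare script flushes every rule and never sets a FORWARD policy, so with the default ACCEPT policy the server routes packets in either direction between eth0 and eth1. As an added example (not part of the original post), here is the same sharing setup as an iptables-restore ruleset in which FORWARD defaults to DROP and only connections opened from the LAN are forwarded. eth0, eth1 and 10.0.1.0/24 are assumed from the addresses shown above, and `ishare_rules` is a hypothetical helper name.

```shell
#!/bin/bash
# Added example, not the original author's script.
# Assumed values: WAN=eth0, LAN=eth1, LAN subnet 10.0.1.0/24 (from the
# addresses shown on this page).

# Print an iptables-restore ruleset that NATs LAN traffic out of the WAN
# interface and forwards nothing else. Arguments: WAN iface, LAN iface, LAN CIDR.
ishare_rules() {
    # Refuse missing arguments or identical interfaces.
    if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ] || [ "$1" = "$2" ]; then
        echo "usage: ishare_rules WAN_IF LAN_IF LAN_CIDR" >&2
        return 1
    fi
    # INPUT stays at ACCEPT as in the original script; only FORWARD is tightened.
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i $2 -o $1 -s $3 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $3 -o $1 -j MASQUERADE
COMMIT
EOF
}

# "apply" (run as root) enables forwarding and loads the ruleset; each table
# is replaced atomically. Without it the ruleset is only printed for review.
if [ "${1:-}" = "apply" ]; then
    sysctl -w net.ipv4.ip_forward=1
    ishare_rules eth0 eth1 10.0.1.0/24 | iptables-restore
else
    ishare_rules eth0 eth1 10.0.1.0/24
fi
```

Because iptables-restore replaces the filter and nat tables, any existing rules in them are lost, just as with the flush in the original script.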