CSCLUG

Quick Internet Sharing With a Laptop NAT Gateway

From Hacking to Tunneling to Clouds and Green Pastures, learn from our fun group.

Quick Internet Sharing With a Laptop NAT Gateway

This text assumes that you know the basic structure of your particular distribution including configuration file locations, network configuration, and root access.

Assumptions:



1. Two network interfaces exist on your server machine:
a. A wired interface (eth0) which will interface the local network
b. A wireless interface (wlan0) which will interface the internet
2. All required software packages (NAT, iptables, etc) are installed on the server machine
3. A wired interface exists on the client machine (eth0)
4. All commands should be issued as a super user who has /sbin in their path
5. Client is connected to the server via ethernet cables and a switch or directly via a patch cable

Server Procedure:



1. Configure eth0 with a static IP:
a. IP Address: 192.168.0.1
b. Netmask: 255.255.255.0
c. Broadcast: 192.168.0.255
NOTE: Network managers will override these settings when an active link is detected. For best results, disable the management of this device by a network manager and configure the device manually using 'ifconfig'.
NOTE 2: You should only have to set the IP address. All other settings will default based on the assigned IP address.
Example: ifconfig eth0 192.168.0.1 2. Configure IP forwarding.
a. IP forwarding is VERY distribution specific. For most distributions a flag can be manually set in /proc/sys/net/ipv4/ip_forward with a command: echo 1 > /proc/sys/net/ipv4/ip_forward
b. Most distributions also have the ability to edit a script in the /etc/init.d or /etc/rc.d directory to allow IP forwarding at startup. Most times all you have to do is set the script's file permission to executable.
c. For Ubuntu users, this setting is found in /etc/sysctl. The parameter is #net.ipv4.conf.default.forwarding=1
To enable this at startup, remove the comment(#) from this line. See man sysctl for other options.
3. Configure iptables
a. Allow packet forwarding with: iptables -P FORWARD ACCEPT
b. Configure Network Address Translation (NAT) with: iptables --table nat -A POSTROUTING -o wlan0 -j MASQUERADE NOTE: This has absolutely no security. All packets received will be forwarded to every machine on the network attached to the eth0 device. See man iptables for more options to increase security.

Client Procedure:



1. Configure eth0 with a static IP:
a. IP Address: 192.168.0.100 (any IP in the range 192.168.0.2 - 192.168.0.254 will be fine as long as it is unique on the network)
b. Netmask: 255.255.255.0
c. Broadcast: 192.168.0.255
d. Gateway: 192.168.0.1
NOTE: Network managers will override these settings when an active link is detected. For best results, disable the management of this device by a network manager and configure the device manually using 'ifconfig'.
NOTE 2: You should only have to set the IP address. All other settings will default based on the assigned IP address.
Example: ifconfig eth0 192.168.0.100 2. Configure DNS:
a. On the server machine, view the file /etc/resolv.conf
b. Copy the nameserver lines to /etc/resolv.conf on the client machine
c. Example nameserver line:
nameserver 192.168.1.1
This material has been digested from various tutorials across the internet. The goal behind this tutorial is to rapidly establish an internet connection for a local wired network through a laptop's wireless internet connection.

Upcoming Events