LinDesk

It is very easy to setup an internet connection sharing in Linux system using iptables. This method can be used to share an internet connection from a Linux system(I used Fedora Core 6, but it should work on other distributions that support iptables). Another method of doing this is using a proxy server like squid.

Enable IP forwarding

Run as root

sysctl -w net.ipv4.ip_forward=1

To enable it in system startup, edit the file /etc/sysctl.conf and set

net.ipv4.ip_forward = 1

iptables

Run command as root

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
service iptables save

Configuration

The configuration should be like this

Router

Connected to the internet provider
IP : 192.168.1.1

Internet Connected System

eth0 (LAN Card 1)

Connected to router

• IP : 192.168.1.10
• Netmask : 255.255.255.0
• Gateway : 192.168.1.1 (IP of the router)

eth1 (LAN Card 2)

Connected to the other system

• IP : 192.168.0.20 (Not the same network as the first card)
• Netmask : 255.255.255.0
• Gateway : 192.168.1.1 (IP of the router)

Second System

LAN Card connected to the first system

• IP : 192.168.0.30
• Netmask : 255.255.255.0
• Gateway : 192.168.0.20 (IP of the second Card in the first system)

Disclaimer

Linux networks is not a subject I am an expert on. So take my advice with a pinch of salt. The above procedure worked for me. YMMV.

Status

Some results of various commands are shown here. Check to see if it matches the result on your system.

# iptables -t nat -L POSTROUTING
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

# cat /proc/sys/net/ipv4/ip_forward
1

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination