Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi,
I am using edubuntu 6.06 in my machine & i've got two ethernet cards.One for internet & other for LAN.Internet is working fine in my system.I want to share net connection with one windows machine in our local network.Around 50 machines are there in our local network connected via ethernet switch.Please suggest a suitable software with which i can share my internet with only one machine,authenticating by means of IP address or MAC address.
I am using edubuntu 6.06 in my machine & i've got two ethernet cards.One for internet & other for LAN.Internet is working fine in my system.I want to share net connection with one windows machine in our local network.Around 50 machines are there in our local network connected via ethernet switch.Please suggest a suitable software with which i can share my internet with only one machine,authenticating by means of IP address or MAC address.
this is easily done using iptables, which is already included in your distro...
here's a script i put together for you to get you started:
Code:
#!/bin/sh
IPT="/sbin/iptables"
WAN_IFACE="eth0"
LAN_IFACE="eth1"
WINDOWS_PC_MAC="ex:ex:ex:ex:ex:ex"
WINDOWS_PC_IP="123.123.123.123"
# Shouldn't be any need for you to edit below this line.
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT
$IPT -t mangle -P PREROUTING ACCEPT
$IPT -t mangle -P INPUT ACCEPT
$IPT -t mangle -P FORWARD ACCEPT
$IPT -t mangle -P OUTPUT ACCEPT
$IPT -t mangle -P POSTROUTING ACCEPT
$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT
$IPT -F
$IPT -F -t nat
$IPT -F -t mangle
$IPT -X
$IPT -X -t nat
$IPT -X -t mangle
$IPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPT -A FORWARD -i $LAN_IFACE -o $WAN_IFACE -m mac --mac-source \
$WINDOWS_PC_MAC -s $WINDOWS_PC_IP -m state --state NEW -j ACCEPT
$IPT -t nat -A POSTROUTING -o $WAN_IFACE -j MASQUERADE
to enable forwarding, you'll need to make sure you have this line uncommented in your /etc/sysctl.conf file:
Code:
net/ipv4/ip_forward=1
when you edit that file, you'll need to either reboot, or execute this command for the change to take effect:
Code:
sudo sysctl -p
if this is the first time you deal with iptables or packet forwarding, you are bound to have questions about this - please don't hesitate to ask...
Thanks for the info..
I did as u said and added the script to /etc/sysctl.conf.But when i enter the command sudo sysctl -p, i get syntax error messages in the file .the sharing is not working..
the syntax for the line was wrong. use "net.ipv4.ip_forward = 1"
Thanks for the info..
Again it is flashing the error message that the lines
WINDOWS_PC_MAC etc are having wrong syntax.We have to place the script in the sysctl.conf file ,right..?
Thanks in advance....
you mean that big long iptables script? oh god no, certainly not, that'll bust all sorts of things. he just intended that to be a general script to put wherever you felt like.
the syntax for the line was wrong. use "net.ipv4.ip_forward = 1"
the reason i chose slashes when i posted is cuz ubuntu comes with commented examples in the sysctl.conf file - all using slashes instead of periods... if i'm not mistaken, the kernel will accept either syntax, though...
@arunksit: just to clarify what has already been stated by acid_kewpie: the only line you need to add to your sysctl.conf is the ip_forward one... the script i posted should be saved as a file of its own... you would then edit said file, providing the IP and MAC of the windows box (and making sure the interface names are correct)... then you'd make the file executable and then execute it... then you could begin testing connectivity from the windows box to make sure it's working fine... remember you'll need to configure the GATEWAY address of the windows box to be the IP of the $LAN_IFACE on the linux box...
in fact, could you post the output of these from the linux box?? it would help us make sure you are all set as far as IP configuration et al is concerned...
Code:
ifconfig
Code:
route -n
Code:
cat /etc/resolv.conf
make sure you obfuscate the IP of your $WAN_IFACE before posting, for your protection... for example, instead of 200.123.123.234 you could use 200.123.xxx.xxx or similar...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
