-   Linux - Software (
-   -   internet connection sharing (

meinzorn 04-22-2005 10:19 PM

internet connection sharing
Hello.. I just got a new old box and I installed slackware linux 10 on it... I have a hardware modem and can connect to the internet and everything alright, but I want to be able to share that connection with a windows box that I have sitting next to it... can anyone help me do this?

I tried using google to search, and didn't find much, and what I did find kinda confused me.. any help is appreciated, thank you in advance for it.

win32sux 04-22-2005 10:51 PM

hardware: you'll need an ethernet card on each box, and either a crossover cable or two regular cables and a switch/hub...

software: basically it's just a matter of setting an iptables script in your /etc/rc.d/rc.firewall file... of course you'd need to have iptables installed before that... if you did a full install you already have it... you can check with:

ls /var/log/packages | grep iptables
the general overview of what you will be doing in order to share the connection is:

you will be configuring your internet-connected box as a NAT router... the dial-up modem will be it's external interface and the ethernet card will be the internal interface...

the windows machine will have one ethernet card and it will be connected with ethernet cabling to the internal ethernet card of the NAT box...

the windows machine will use an internal IP such as, for example...

the internal network card of the NAT box will also use an internal IP, such as, for example... the external interface (dial-up) will use whatever IP it gets from your ISP, as it normally does...

the windows machine will be configured to use (or whatever the NAT box's internal IP is) as it's gateway...

the windows machine can use the same DNS servers that your NAT box uses (provided by your ISP) if you want...

win32sux 04-22-2005 11:14 PM

i wrote a very simple /etc/rc.d/rc.firewall iptables script for you that should do the trick once you have your network cards setup... all you'd have to do is save it as /etc/rc.d/rc.firewall and make it executable with a:

chmod 755 /etc/rc.d/rc.firewall
it'll then be automatically run everytime your computer starts...





echo "0" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
echo "0" > /proc/sys/net/ipv4/tcp_timestamps
echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo "0" > /proc/sys/net/ipv4/conf/all/accept_source_route
echo "1" > /proc/sys/net/ipv4/conf/all/secure_redirects
echo "1" > /proc/sys/net/ipv4/conf/all/log_martians

$IPT -F -t nat
$IPT -F -t mangle

$IPT -X -t nat
$IPT -X -t mangle


$IPT -A INPUT -i lo -m state --state NEW -j ACCEPT
$IPT -A INPUT -p ICMP -i $LAN_IFACE --icmp-type 8 \
-m state --state NEW -j ACCEPT
$IPT -A INPUT -j LOG --log-prefix "INPUT DROP: "

-m state --state NEW -j ACCEPT
$IPT -A FORWARD -j LOG --log-prefix "FORWARD DROP: "


/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp

/sbin/modprobe ip_conntrack_irc
/sbin/modprobe ip_nat_irc

echo "1" > /proc/sys/net/ipv4/ip_forward

echo "So let it be written. So let it be done."

EDIT: added rule allowing PINGs (--icmp-type 8) on the internal interface (eth0) to make it easier to test LAN connectivity...

meinzorn 04-22-2005 11:32 PM

ok.. I've gotten as far as setting up the network right.. but how do I use that script?

(I've never had experience with scripts before)

win32sux 04-22-2005 11:36 PM

just copy the script and save it as text file /etc/rc.d/rc.firewall and then make the file executable by doing a:

chmod 755 /etc/rc.d/rc.firewall
it'll get executed by the system automatically upon reboot...

after copying/chmod-ing it you can also execute it manually by issuing the command:


meinzorn 04-22-2005 11:59 PM

ok... when I dot hat it says..

"iptables: Table does not exist (do ou need to insmod?)
iptables: Table does not exist (do ou need to insmod?)"

win32sux 04-23-2005 12:03 AM

post the output of these commands (after executing the script):

iptables -L

iptables -t nat -L



meinzorn 04-23-2005 12:06 AM

heh, nevermind that last post, I figured out why it was doing that...

type-o on my part.

win32sux 04-23-2005 12:08 AM

so everything is working fine now?? you can surf the web (etc.) from the windows box??

meinzorn 04-23-2005 12:28 AM

hmm, no... it still isn't working..

I'm not getting any error or anything, I just can't connect to the internet from the windows box. I've tried to sign onto AIM on my windows box and that isn't working, and I've tried pinging a website and that isn't working.

win32sux 04-23-2005 12:35 AM

are you able to ping the linux box from the windows box (and vice-versa)??

make sure you are using the latest script form post #3, as i added the PING thing after...

please post the output of the commands in post #7, as well as the IP configuration you've given the windows box...

meinzorn 04-23-2005 01:10 AM

hmm, this is difficult.. I'm doing this from the linux machine so I'm using links and I can't figure out how to copy and paste the results of those commands into this. I can ping the windows machine from here and I can ping this machine from the windows one. though.

win32sux 04-23-2005 01:26 AM

can you ping or from the windows machine??

win32sux 04-23-2005 01:30 AM

your IP configuration should look like this:

linux box:
ppp0 = whatever your ISP gives you
eth0 = (netmask

windows box:
IP =
netmask =
gateway =

meinzorn 04-23-2005 01:39 AM

hmm.. I definately just restarted the windows machine and it's working fine now. I probably should have tried that a while ago.

cool, I'm glad I have this working.. thank you for the help

All times are GMT -5. The time now is 02:28 AM.