2003-12-11, 04:50 PM
First things first, to do this i assume you have TWO working network cards in your computer, one is connected to the internet (WAN) and the other is connected to your local network (LAN), or think of it as eth0 (WAN) and eth1 (LAN). I also assume that you want eth1 to share the internet with others, however, i am not going to enable a dhcp server, so your 'clients' will have to have their ip settings entered manually. If you want to try this then read on...
First off we need to know the ip address of our WAN network card (eth0 the one connected direct to the internet ;-)). So, as root type ifconfig.
That should present you with an output like the following example:-
Quote:eth0Link encap:Ethernet HWaddr 00:06:5B:02:F6:FF
inet addr:192.168.0.58 Bcast:192.168.0.255 Mask:255.255.255.0
.......
eth1
Link encap:Ethernet HWaddr 00:02:2D:46:B2:5F
inet addr:100.0.0.1 Bcast:100.0.255.255 Mask:255.255.0.0
.......
In the example above i have a WAN (eth0) address which is my connection to the internet via another NAT (lol), and it has the ip address of 192.168.0.58
The LAN (eth1) IP address in this example has been set to 100.0.0.1.
Ive deliberately set eth1 to 100.0.0.1 so i know its my 'sharing' NAT ip address, and it's the one to point to later.
To set/change your IP settings for a Network card in Red Hat 9 type this as root:-
neat or redhat-config-network
Now that you have set your LAN (eth1) IP address, lets get sharing !!!
As root in a console type the following two lines:-
Code:
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.0.58
>>>PRESS ENTER<<<
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
>>>PRESS ENTER<<<
Obviously the first line which points to 192.168.0.58 MUST point to your CURRENT WAN IP address (eth0) and NOT my example here.
So if your eth0 ip address= 163.211.12.44 then the line should read
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 163.211.12.44
Ok, now that is done, now its time to test it, if you have lokkit running (redhats firewall) disable it temporarily to test please.
On a client pc, edit it's TCPIP properties as follows
IP address=100.0.0.2 (or any value above 1 and up to 255)
SubNet= 255.255.0.0
Default Gateway=100.0.0.1 (eth1)
DNS server 1=192.168.0.58 (eth0)
DNS Server 2=192.168.0.1 (my first NAT, which shares ips to my eth0 WAN connection, change this to your WANS DNS server ip)
You will have to put the lines below in /etc/rc.d/rc.local if you want to turn it (the NAT) on every time your system boots up.
Code:
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to xxx.xxx.xxx.xxx
echo 1 > /proc/sys/net/ipv4/ip_forward
Obviously replace xxx.xxx.xxx.xxx with the ip of your current WAN (internet) address.
Thats it, test it by pinging www.google.com.
you might also want to read the following....
Quote:In order for your system to save the iptables rules ...You will need to edit /etc/sysconfig/iptables-config and make sure IPTABLES_MODULES_UNLOAD, IPTABLES_SAVE_ON_STOP, and IPTABLES_SAVE_ON_RESTART are all set to 'yes'.