Using iptables in order to share an internet connection

Many users run small networks, be it at home or work. One of the widely used techniques for sharing the internet connection over a small local area network is Microsoft’s ICS (Internet Connection Sharing).

What if the main server is not running Windows? Some prefer to opt for Linux and run several services that benefit client computers on this network (such as DNS, DHCP, Samba, NIS, etc.).

The good news for Linux users is that they can get the same functionality as ICS by using Linux iptables.

The following is a sample rule:

/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

Note that you will need to have IP forwarding enabled.

RedHat/Fedora users can execute the following:

echo 1 > /proc/sys/net/ipv4/ip_forward

Now, these rules can be saved in a .sh file, make that shell script executable (chmod +x

Then, make this file execute whenever your system boots. An example would be editing /etc/rc.local and setting the path to that file in there.

This simple iptables rule can be expanded in order to allow certain ports, block others, check protocols for incoming packets on such ports (tcp, udp), etc.
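The MASQUERADE rule only rewrites source addresses; which packets may cross the gateway is decided by the FORWARD chain. The script below is an added example, not code from the original post, that wraps the rule above in a default-drop FORWARD policy. The LAN interface name eth0, the WAN_IF/LAN_IF variables and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumptions: eth1 faces the internet (as in the rule above); eth0 is the
# LAN side (hypothetical name). Override with WAN_IF / LAN_IF.
WAN_IF="${WAN_IF:-eth1}"
LAN_IF="${LAN_IF:-eth0}"

# Accept only plausible interface names: 1-15 chars, no shell metacharacters.
valid_if() {
    case "$1" in
        ""|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Print the rule set for a WAN/LAN pair, one iptables command per line.
gateway_rules() {
    wan="$1"; lan="$2"
    valid_if "$wan" || return 1
    valid_if "$lan" || return 1
    [ "$wan" != "$lan" ] || return 1
    cat <<EOF
/sbin/iptables -P FORWARD DROP
/sbin/iptables -A FORWARD -i $lan -o $wan -j ACCEPT
/sbin/iptables -A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE
EOF
}

# "show" prints the rules; "apply" (as root, once at boot) installs them and
# turns forwarding on only after the FORWARD policy is in place.
case "${1:-}" in
    show)
        gateway_rules "$WAN_IF" "$LAN_IF" || { echo "bad interface name" >&2; exit 1; }
        ;;
    apply)
        rules=$(gateway_rules "$WAN_IF" "$LAN_IF") || { echo "bad interface name" >&2; exit 1; }
        printf '%s\n' "$rules" | sh -e || exit 1
        echo 1 > /proc/sys/net/ipv4/ip_forward
        ;;
esac
```

Run it with `show` to review the generated rules before calling it with `apply` from the boot script.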

Advanced rules to come later hopefully.
