For this tutorial you will need 2 NICs (network interface cards) configured and working properly with your Linux distro. You will also need IPTABLES installed on your system.
Please note the following IP config I will be using
Replace xx.xx.xx.xx with your WAN IP
Replace yy.yy.yy.yy with your LAN IP
(i.e. 192.168.0.0/16, 172.16.0.0/12)
WAN = eth0 with public IP xx.xx.xx.xx
LAN = eth1 with private IP yy.yy.yy.yy/ 255.255.0.0
First you need to install the NICs into your Linux system. Once you have done this you will need to verify they are installed correctly. To do this type the following command
Code:
[root@yourRouter ~]# ls /etc/sysconfig/network-scripts/ifcfg-eth* | wc -l

If you have the NICs installed correctly the output of this command will be 2.
Now we must give eth0 [the primary Ethernet card] an external WAN IP. This will be provided to you by your ISP.
To do this type the following command
Code:
[root@yourRouter ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

You must make the file look similar to the configuration I have shown below
Code:
DEVICE=eth0
BOOTPROTO=none
BROADCAST=xx.xx.xx.255 # Optional Entry
HWADDR=00:50:BA:88:72:D4 # Optional Entry
IPADDR=xx.xx.xx.xx
NETMASK=255.255.255.0 # Provided by the ISP
NETWORK=xx.xx.xx.0 # Optional
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
GATEWAY=xx.xx.xx.1 # Provided by the ISP

Now we have configured the eth0 card we must configure eth1 to have an INTERNAL IP address. To do this type the following
Code:
[root@yourRouter ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1

Similar to above, make the configuration look like the one below
Code:
BOOTPROTO=none
PEERDNS=yes
HWADDR=00:50:8B:CF:9C:05 # Optional
TYPE=Ethernet
IPV6INIT=no
DEVICE=eth1
NETMASK=255.255.0.0 # Specify based on your requirement
BROADCAST=""
IPADDR=192.168.2.1 # Gateway of the LAN
NETWORK=192.168.0.0 # Optional
USERCTL=no
ONBOOT=yes

Now we need to configure the hosts file to tell the router that it will be providing Network Address Translation [NAT]
Code:
[root@yourRouter ~]# vi /etc/hosts

Your hosts file should look like this
Code:
127.0.0.1 nat localhost.localdomain localhost

Now we configure the gateway by editing /etc/sysconfig/network. To do this use the vi command
Code:
[root@yourRouter ~]# vi /etc/sysconfig/network

You should make it similar to this:
Code:
NETWORKING=yes
HOSTNAME=nat
GATEWAY=xx.xx.xx.1 # Internet Gateway, provided by the ISP

Now we need to configure the resolver. To do it use the vi command like so
Code:
[root@yourRouter ~]# vi /etc/resolv.conf

Make that file like the one below. These IPs may differ from yours.
Code:
nameserver 203.145.184.13 # Primary DNS Server provided by the ISP
nameserver 202.56.250.5 # Secondary DNS Server provided by the ISP

Now we must clean up our iptables.
Start off by flushing them
Code:
[root@yourRouter ~]# iptables --flush
[root@yourRouter ~]# iptables --table nat --flush
[root@yourRouter ~]# iptables --delete-chain

Now we need to delete all the chains not in the default filter and the NAT
Code:
[root@yourRouter ~]# iptables --table nat --delete-chain

Now we need to configure IPTABLES to allow routing
To do this type
Code:
[root@yourRouter ~]# iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
[root@yourRouter ~]# iptables --append FORWARD --in-interface eth1 -j ACCEPT

Now we need to enable packet forwarding by the kernel
Code:
[root@yourRouter ~]# echo 1 > /proc/sys/net/ipv4/ip_forward

Now we can apply our new configuration
Code:
[root@yourRouter ~]# service iptables save   # write the running rules to /etc/sysconfig/iptables so the restart reloads them
[root@yourRouter ~]# service iptables restart

Now ping some places from your client and see if it works
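
Added example, not part of the original post: a shell check for the ruleset this procedure produces, run over `iptables-save` output. It assumes the post's interface names (eth0 = WAN, eth1 = LAN) and default chain policies; the function names and both sample rulesets are constructed for illustration. It flags that flushing leaves the FORWARD policy at ACCEPT, so the router also forwards packets that arrive on the WAN side.

```shell
# Audit iptables-save output for the two-NIC NAT router (added example).
# Live use: iptables-save | audit_nat_ruleset eth0 eth1   (exit status = failed checks)
audit_nat_ruleset() {   # $1 = WAN interface, $2 = LAN interface, ruleset on stdin
    awk -v wan="$1" -v lan="$2" '
        substr($0, 1, 1) == "*"           { table = substr($0, 2) }   # "*nat", "*filter"
        table == "filter" && /^:FORWARD / { policy = $2 }             # chain default policy
        table == "nat" && /^-A POSTROUTING / && /-j MASQUERADE/ &&
            index($0, "-o " wan " ")      { masq = 1 }
        table == "filter" && /^-A FORWARD / && /-j ACCEPT/ {
            if (index($0, "-i " lan " "))                   lan_out = 1
            if (/ESTABLISHED/ && index($0, "-i " wan " "))  replies = 1
        }
        END {
            if (!masq) { print "FAIL: no MASQUERADE rule on " wan; bad++ }
            if (policy != "DROP") { print "FAIL: FORWARD policy is " policy ", packets arriving on " wan " are forwarded as well"; bad++ }
            if (policy == "DROP" && !lan_out) { print "FAIL: new connections from " lan " are not accepted"; bad++ }
            if (policy == "DROP" && !replies) { print "FAIL: no ESTABLISHED rule for replies arriving on " wan; bad++ }
            exit bad + 0
        }'
}

# Constructed sample: state after the post's commands, assuming default ACCEPT policies.
tutorial_ruleset() { cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i eth1 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: same NAT, but FORWARD drops by default and only replies come back in.
hardened_ruleset() { cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
EOF
}
tutorial_ruleset | audit_nat_ruleset eth0 eth1 || true
hardened_ruleset | audit_nat_ruleset eth0 eth1 && echo "hardened ruleset: all checks pass"
```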
This is very cool and useful! No need to go out and buy a router if you already have a Linux box constantly running. Thanks!
This one is very very useful. Thanks a lot!