Achieving what's done by Microsoft's "Internet Connection Sharing"

Before I begin, I'm not looking to turn a PC into a router (as can be
done with specialised Linux distros). I have a normal PC for everyday
use and I want to have the added ability of routing a connection thru
my NIC's.

I have two NIC's. One is wired, the other is wireless. Their names are
eth0 and wlan0 respectively.

I want to set up a virtual router between eth0 and wlan0. For
instance, let's say I have the following setup:

eth0: 192.168.1.1/24
wlan0: 10.10.10.1/24

If eth0 recieves a packet with an IP address different than its own,
then it should send it out unaltered on wlan0. Similarly, if wlan0
receives a packet with an IP address different than its own, it should
send it out unaltered on wlan0. This would be the most basic two-port
router.

I'd like to get that up and running first, and then I'd like to
experiment with a few more stuff:

With packets arriving at eth0, I'd like the router to perform "source
NAT" so that the packets forwarded out on wlan0 have a source IP
address of 10.10.10.1 rather than the actual originating IP address
(in exactly the same way your home broadband router works). In this
setup, there's no need for 10.10.10.1 to be set as a gateway on any
machine.

And lastly, I'd like to have a DHCP server on eth0. Altogether this
would enable me to do the following:

* Using my own computer, connect to an AP normally with my wlan0.
* Take a friend's laptop, connect it to mine via a cross-over cable.
* The DHCP server should give my friend's laptop an IP address, and it
should give it a default gateway of 192.168.1.1 (i.e. the IP address
of eth0)
* When my friend's laptop sends packets to the internet, my virtual
router should perform NAT. And when packets come back from the
internet, my virtual router should keep track of which host they've to
be forwarded to.

Under Microsoft Windows, this can all be done very simply by going
into the settings for wlan0 and clicking "Share this internet
connection". From there, you select a NIC thru which the connection
will be shared, e.g. eth0. And it all works perfectly.

I'm very interested in Linux, and I *do* want to learn about iptables
and dhcpd and so forth, but right now I'm just looking for a quick fix
so that I can get a little network up and running here at home.
Basically I'm looking for the most simplistic config files that will
achieve what I'm trying to do. Does anyone have config files that will
simulate Microsoft's connection sharing? Or perhaps could you guide me
thru what I've to do? So far, it looks like I've to do the following:

* Use iptables to make eth0 act as a gateway thru to wlan0.
* Use iptables to enable "source NAT" for packets coming from eth0
into wlan0.
* Use dhcpd to set up a DHCP server on eth0.

Any advice appreciated!

On Sun, 23 Mar 2008 11:44:41 -0700, Tomás Ó hÉilidhe wrote:

[...]
> Under Microsoft Windows, this can all be done very simply by going into
> the settings for wlan0 and clicking "Share this internet connection".
> From there, you select a NIC thru which the connection will be shared,
> e.g. eth0. And it all works perfectly.
>
> I'm very interested in Linux, and I *do* want to learn about iptables
> and dhcpd and so forth, but right now I'm just looking for a quick fix
> so that I can get a little network up and running here at home.
> Basically I'm looking for the most simplistic config files that will
> achieve what I'm trying to do. Does anyone have config files that will
> simulate Microsoft's connection sharing? Or perhaps could you guide me
> thru what I've to do? [...]

http://www.eracc.com/images/mandriva...mcc_2007-1.png

Look at the middle of the image. Cannot be simpler than clicking the icon
and following the prompts. You can later look at the guts of the files
(they are all plain text) to see what was done and learn from that.

Gene (e-mail: gene \a\t eracc \d\o\t com)
--
Mandriva Linux release 2007.1 (Official) for i586
Got Rute? http://www.anrdoezrs.net/email-25465...sbn=0130333514
ERA Computers & Consulting - http://www.eracc.com/
Preloaded PCs - eComStation, Linux, FreeBSD, OpenServer & UnixWare

Tomás Ó hÉilidhe wrote:

> * Use iptables to make eth0 act as a gateway thru to wlan0.
> * Use iptables to enable "source NAT" for packets coming from eth0
> into wlan0.
> * Use dhcpd to set up a DHCP server on eth0.
>
> Any advice appreciated!

Linux is practically built for the task of being a router. :)

Ofc there could be handy GUI thingies in gnome or kde from which you can
set it up quite easily, but I'm not familiar with those so I'll let
other people elaborate on that subject.

From the console, all you need is two set up ethernet devices, ip
forwarding, a default gateway and iptables.

eth0: 192.168.1.1
wlan0: 10.10.10.1

Routing without nat. Well, that subject only uses the route command.
You just need to tell those networks where they can locate eachother.
(Important to keep in mind, for every route one way, a route back is
needed. It's useless for packets to know where to go, if the packets
that need to go back don't know which way to go.)

$ route add 192.168.1.0/24 gw 192.168.1.1
$ route add 10.10.10/24 gw 10.10.10.1

This tells the box that in order to reach the networks 192.168.1.0 and
10.10.10.0 from localhost, it needs to access those through the
respective gateways 192.168.1.1 and 10.10.10.1.

Ofcourse this will only work if the machines in those networks use that
box as gateway for eiter the destination network, or the default gate.

Make sure ip forwarding is set.

$ sysctl net.ipv4.ip_forward=1

Source routing is quite simple too:

$ iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT -o wlan0
--to-source 10.10.10.1

I did not test these commands, so there might be a typo somewhere. But
this should be the general idea (if I get your question right).

-R-

Jurgen Haan

> From the console, all you need is two set up ethernet devices, ip
> forwarding, a default gateway and iptables.
>
> eth0: 192.168.1.1
> wlan0: 10.10.10.1


ifconfig eth0 192.168.1.1 netmask 255.255.255.0
ifconfig wlan0 10.10.10.1 netmask 255.255.255.0

OK done. . .

> Routing without nat. Well, that subject only uses the route command.
> You just need to tell those networks where they can locate eachother.
> (Important to keep in mind, for every route one way, a route back is
> needed. It's useless for packets to know where to go, if the packets
> that need to go back don't know which way to go.)
>
> $ route add 192.168.1.0/24 gw 192.168.1.1
> $ route add 10.10.10/24 gw 10.10.10.1


I thought routing tables were strictly to do with *sending* packets
rather than receiving them. When eth0 receives a packet with an IP
address other than its own, how will it know that it has to route it
thru wlan0?


> Source routing is quite simple too:
>
> $ iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT -o wlan0
> --to-source 10.10.10.1
>
> I did not test these commands, so there might be a typo somewhere. But
> this should be the general idea (if I get your question right).


Thanks for that

Tomás Ó hÉilidhe wrote:

>> $ route add 192.168.1.0/24 gw 192.168.1.1
>> $ route add 10.10.10/24 gw 10.10.10.1
>
>
> I thought routing tables were strictly to do with *sending* packets
> rather than receiving them. When eth0 receives a packet with an IP
> address other than its own, how will it know that it has to route it
> thru wlan0?

True, but in case of a router between networks, packets are being sent
both ways. Same with a standard client and server that operate outside 1
network, the client needs to know where to find the server, but in
return, the server also needs to know where to find the client.