Recent Changes - Search:




IP Masquerading Internet Connection Sharing

IP Masquerading is to allow machines with private to access the Internet through the machine doing the masquerading.

  • Accomplished with a single iptables rule.
  iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE

  Address:           11000000.10101000.00000000 .00000001
  Netmask: = 24    11111111.11111111.11111111 .00000000
  Wildcard:             00000000.00000000.00000000 .11111111

  Network:        11000000.10101000.00000000 .00000000 (Class C)
  Broadcast:         11000000.10101000.00000000 .11111111
  HostMin:           11000000.10101000.00000000 .00000001
  HostMax:         11000000.10101000.00000000 .11111110

  • Masqueraded traffic needs to be allowed through the FORWARD chain for the above rule to work:
  iptables -A FORWARD -s  -o eth0 -j ACCEPT
  iptables -A FORWARD -d  -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT
  • The above commands will allow all connections from your local network to the Internet.
Edit - History - Print - Recent Changes - Search
Page last modified on April 14, 2007, at 06:58 AM