Skip to content

Instantly share code, notes, and snippets.

@attilaolah

attilaolah/sharenet.sh

Created March 3, 2015 22:21
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save attilaolah/5dfeb340660eed60fa58 to your computer and use it in GitHub Desktop.
Save attilaolah/5dfeb340660eed60fa58 to your computer and use it in GitHub Desktop.
Download ZIP
Internet Sharing
Raw
sharenet.sh
#!/usr/bin/env sh
#
# Internet Sharing
#
# Based on: https://wiki.archlinux.org/index.php/Internet_sharing
#
LAN=enp0s0
WAN=wlp0s0
## Static IP:
ip link set up dev $LAN
ip addr add 192.168.0.1/24 dev $LAN
## IP forwarding:
sysctl net.ipv4.ip_forward=1
## Making it permanent:
#| cat <<EOF >/etc/sysctl.d/30-ipforward.conf
#| net.ipv4.ip_forward=1
#| net.ipv6.conf.default.forwarding=1
#| net.ipv6.conf.all.forwarding=1
#| EOF
## NAT:
iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE
## Making it permanent:
#| iptables-save >/etc/iptables/iptables.rules
#| systemctl enable iptables
## DHCP & DNS:
dnsmasq \
--no-daemon \
--local-service \
--interface=$LAN \
--dhcp-range=192.168.0.2,192.168.0.254,infinite \
--dhcp-authoritative
## Making it permanent:
#| cat <<EOF >/etc/dnsmasq.conf
#| interface=$LAN
#| dhcp-range=192.168.0.2,192.168.0.254,infinite
#| dhcp-autheritative
#| EOF
#| systemctl enable dnsmasq
@attilaolah
Copy link
Author

NOTE: apart from DHCP for IPv4, it is useful to enable IPv6 autoconfiguration on both endpoints. In case something breaks, that allows us to ssh into the other machine and fix things:

ssh -6 fe80::…%$LAN

It is also handy to have Wireshark open and keep an eye on the traffic.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment