Very simple iptables NAT systemd service

iptables-nat.service

# Very simplistic, use at your own risk. I am using this on Raspbian.
#
# put me into /etc/systemd/system
# systemctl start iptables-nat
# systemctl stop iptables-nat
# systemctl enable iptables-nat
#
# see: https://wiki.archlinux.org/index.php/Internet_sharing
# adapted from: https://github.com/gronke/systemd-iptables/blob/master/etc/systemd/system/iptables.service

[Unit]
Description=Simple iptables NAT / forwading
DefaultDependencies=no
After=systemd-sysctl.service
Before=sysinit.target
[Service]
Type=oneshot
ExecStart=sysctl net.ipv4.ip_forward=1
ExecStart=iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
ExecStart=iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
ExecStart=iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
#ExecReload=
ExecStop=sysctl net.ipv4.ip_forward=0
ExecStop=iptables -F
ExecStop=iptables -X
ExecStop=iptables -t nat -F
ExecStop=iptables -t nat -X
ExecStop=iptables -t mangle -F
ExecStop=iptables -t mangle -X
ExecStop=iptables -t raw -F
ExecStop=iptables -t raw -X
ExecStop=iptables -t security -F
ExecStop=iptables -t security -X
ExecStop=iptables -P INPUT ACCEPT
ExecStop=iptables -P FORWARD ACCEPT
ExecStop=iptables -P OUTPUT ACCEPT
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target