Skip to content

Instantly share code, notes, and snippets.

@jvaubourg
Created February 4, 2017 16:47
Show Gist options
  • Save jvaubourg/bcb48295f674f83e6b1303b6a1202772 to your computer and use it in GitHub Desktop.
Save jvaubourg/bcb48295f674f83e6b1303b6a1202772 to your computer and use it in GitHub Desktop.
Share your wifi Internet connection to a device connected with a cable to your laptop (NAT-PT IPv4)
#!/bin/bash
# +----------------------------+
# Internet_v4 <=> | WIFI <-(sharewifi)-> WIRED | <=> Device
# +----------------------------+
# executed as root
# dnsmasq not running
# $IF_WIRED not handled by an intrusive network manager
# ^C to quit
IF_WIFI=wlo1
IF_WIRED=eth0
IP4_PREFIX=10.42.0. # /24
function reverse() {
trap - EXIT ERR INT
ip addr del ${IP4_PREFIX}1/24 dev $IF_WIRED
iptables -D INPUT -p udp -i $IF_WIRED --dport 53 -j ACCEPT
iptables -D INPUT -p udp -i $IF_WIRED --dport 67 -j ACCEPT
iptables -D FORWARD -j ACCEPT
iptables -t nat -D POSTROUTING -o $IF_WIFI -j MASQUERADE
sysctl -w net.ipv4.ip_forward=0 > /dev/null
rm /tmp/.sharewifi
exit 0
}
if [ $EUID -ne 0 ]; then
echo '[ERR] You must be root.' 1>&2
exit 1
fi
trap reverse EXIT ERR INT
if ip link show tun0 &> /dev/null; then
IF_WIFI=tun0
fi
sysctl -w net.ipv4.ip_forward=1 > /dev/null
iptables -t nat -A POSTROUTING -o $IF_WIFI -j MASQUERADE
iptables -I FORWARD 1 -j ACCEPT
iptables -I INPUT 1 -p udp -i $IF_WIRED --dport 67 -j ACCEPT
iptables -I INPUT 1 -p udp -i $IF_WIRED --dport 53 -j ACCEPT
ip addr add ${IP4_PREFIX}1/24 dev $IF_WIRED
echo "dhcp-range=$IF_WIRED,${IP4_PREFIX}2,${IP4_PREFIX}254,24h" > /tmp/.sharewifi
dnsmasq --dhcp-sequential-ip --log-dhcp --log-facility=- -k -C /tmp/.sharewifi
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment