Created
August 10, 2016 13:43
-
-
Save ozel/93c48ff291b83ac648278f0562167b7e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # enable IP forwarding and firewall in the kernel | |
| sudo sysctl -w net.inet.ip.forwarding=1 | |
| sudo sysctl -w net.inet.ip.fw.enable=1 | |
| #flush all FW rules | |
| sudo pfctl -F all # or -F nat, for just the nat rules | |
| cat ./nat-rules | |
| nat on en0 from 192.168.1.0/24 to any -> ozelmacpro #put this line in a text file | |
| # en0 is the interface pointing to the network with internet access | |
| # ozelmacpro is the local hostname or ip associated with the network that has internet access | |
| # 192.168.1.0/24 is a separate network that shall get internet via ozelmacpro on interface en0 | |
| # final hint on this via https://discussions.apple.com/thread/6757798?start=0&tstart=0 | |
| # load NAT rules from file | |
| sudo pfctl -f nat-rules -e | |
| # list all FW config | |
| sudo pfctl -s all |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for this @ozel! :-)
FYI to anyone visiting: if you want to route internet to a specific IP address it might be problematic to give it the hostname, as this will route with a round-robin approach on multiple addresses, which will cause issues in some cases, as not all these addresses are guaranteed to provide internet. I put in the IP associated with the network that has internet access, which worked while the hostname did not.