This page was already viewed 171times
Make your linux OS become a router
Summary
[I] Presentation
*Let's picturize the situationThe situation consists in a linux computer, connected to internet via a WIFI connection, that needs to share it to a device (a raspberry Pi) connected to it by an ethernet wire.
the following picture summarizes this situation, also presenting the network mapping and ip addressing.
[II] Linux Router Side configuration
*Set router IP addressFirstly, it is necessary to configure the linux router ethernet interface (the one connected to the device/raspberry Pi) according to the plan defined in the situation above.
*Enable IP forwading functionrouter@linux:#sudo ifconfig eth0 10.20.30.1 up
If the Linux server is acting as a firewall, router, or NAT device, it will need to be capable of forwarding packets that are meant for other destinations (other than itself). IP forwarding is the ability for an operating system to accept incoming network packets on one interface, recognize that it is not meant for the system itself, but that it should be passed on to another network, and then forwards it accordingly.
Execute the following command to enable IP forwarding on your linux host router system:
*Configure system firewallrouter@linux:#sudo surouter@linux:#echo "1" > /proc/sys/net/ipv4/ip_forward
In oder to make the linux system get input traffic from end-device (raspberry pi) and allows it to make internet requests, it is necessary to NAT the interface
NAT is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. The technique is used to avoid the need to assign a new address to every host when a network was moved, or when the upstream Internet service provider was replaced, but could not route the network's address space.
Execute the following command to NAT your ethernet traffic forwarded on your linux host router system:
router@linux:#sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADErouter@linux:#sudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPTrouter@linux:#sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
[III] Device/Client Side configuration
*Set device IP addressWe will configure the device IP address according to the plan defined in the situation above
*Device internet access verificationraspberry@linux:#sudo ifconfig eth0 10.20.30.10 upraspberry@linux:#sudo route add default gw 10.20.30.1 eth0
Finally, the client should be able to access internet and perform web traffic. Let's perform the following test, consisting in a ping request to a google server, to verify the good working of the device internet access.
raspberry@linux:#ping 8.8.8.8