ifnat.sh

#!/bin/sh
##  File: ifnat
##  Desc:  Set up NAT and IP forwarding between networks on a host.
##  Date:  2014-06-19
##  Auth:  pdwilso@gmail.com
##
#  Usage:  sudo ifnat
##
# PRE-CONDITIONS:
#   0. [ubuntu?] "version 10.10 onwards..."
#   1. Network Interfaces for each network / drivers installed
#   2. Enable routing
#     a. edit /etc/sysctl.conf and uncomment:  net.ipv4.ip_forward=1
#     b. sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
#   3. This script needs to be run as root
##
#  TODO:  Add parameters for settings
#  TODO:  Add check for EUID==0
##
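# ---------------------------------------------------------------------------
# Settings. Every command below reads these values, so changing an interface
# name or subnet here changes the address assignment, the FORWARD rule and
# the MASQUERADE rule together.
# ---------------------------------------------------------------------------
NETBW='24'                    # Netmask bit width (used in CIDR and LANIP settings)
LANIF='eth0'                  # LAN-side NIC device name
WANIF='eth1'                  # WAN-side NIC device name (wireless for thinkpad)
LANIP='192.168.4.4'           # IP address for LANIF
CIDR="192.168.4.0/${NETBW}"   # CIDR for LAN

# Print an error on stderr and stop before any further change is made.
die() {
  printf '%s: %s\n' "$0" "$*" >&2
  exit 1
}

printf '%s\n' "$0"
echo " Configure NAT and IP forwarding between NICs"
echo ""
echo "Settings:"
echo " NETBW: $NETBW"
echo " LANIF: $LANIF"
echo " WANIF: $WANIF"
echo " LANIP: $LANIP"
echo "  CIDR: $CIDR"

# Everything below changes kernel networking state and writes under /etc,
# so refuse to start half-way as an unprivileged user.
# `id -u` is used instead of $EUID because the script runs under /bin/sh.
[ "$(id -u)" -eq 0 ] || die "must be run as root (try: sudo $0)"

# Configure IP address for LAN-side NIC.
# `ip addr add` fails when the address is already assigned (for example on a
# second run); that is reported but not treated as fatal.
ip addr add "${LANIP}/${NETBW}" dev "$LANIF" \
  || printf '%s: warning: could not add %s/%s to %s\n' \
       "$0" "$LANIP" "$NETBW" "$LANIF" >&2

# Configure NAT.
# NOTE(review): this script never sets the FORWARD chain policy. The two
# ACCEPT rules only act as a filter when that policy is DROP; with a policy
# of ACCEPT, forwarding is not limited to LAN-originated connections.
# Check the policy with `iptables -S FORWARD` and set it deliberately.
# NOTE(review): the FORWARD rules are appended with -A and the chain is not
# flushed, so each run adds another copy of them; only nat/POSTROUTING is
# flushed before the MASQUERADE rule is added.
iptables -A FORWARD -o "$WANIF" -i "$LANIF" -s "$CIDR" \
  -m conntrack --ctstate NEW -j ACCEPT \
  || die "failed to add FORWARD rule for new connections from $CIDR"
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT \
  || die "failed to add FORWARD rule for established connections"
iptables -t nat -F POSTROUTING \
  || die "failed to flush nat POSTROUTING"
iptables -t nat -A POSTROUTING -o "$WANIF" -j MASQUERADE \
  || die "failed to add MASQUERADE rule on $WANIF"

# Save the IP tables.
# The dump is written to /etc/iptables.sav and echoed to stdout. Nothing in
# this script restores it at boot.
iptables-save | tee /etc/iptables.sav

# Enable forwarding last, once the rules above are in place, so the host does
# not route packets with a partial rule set. This is a runtime setting only;
# the sysctl.conf step in the header makes it persistent.
echo 1 > /proc/sys/net/ipv4/ip_forward \
  || die "failed to enable net.ipv4.ip_forward"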