Skip to main content
Topic solved
This topic has been marked as solved and requires no further attention.
Topic: [SOLVED] setting up a masquarade (Read 467 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

[SOLVED] setting up a masquarade

Hello

I usually set up a simple masuarade system  that looks like this
Code: [Select]
/sbin/route add -net 127.0.0.0  
/sbin/route add -host 10.0.0.5 dev eth0
/sbin/route add -net 10.0.0.0 netmask 255.255.255.0 dev eth0
/sbin/route add default gw 96.57.23.82 dev eth1
/sbin/route add 10.0.0.0 gw 10.0.0.5 dev eth0

/usr/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

WIth artix, I set up settings in /etc/conf.d/net

Code: [Select]
mail2:[root]:~# grep -v "^#" /etc/conf.d/net |grep -v "^$"
config_eth1="96.57.23.84/29"
config_eth0="10.0.0.47/24"
routes_eth1="96.57.23.80/29 via 96.57.23.81
default via 96.57.23.81"
routes_eth0="10.0.0.0/24 via 10.0.0.37"
dns_domain_eth0="mrbrklyn.com"
dns_servers_eth0="10.0.0.37 166.84.1.2"
dns_domain_eth1="mrbrklyn.com"
dns_servers_eth1="96.57.23.83  166.84.1.2"

How do I set up the masquaring though?

and how do I make sure port forwarding it on ?

Re: setting up a masquarade

Reply #1
This is how I got two laptops connected by an ethernet cable to both be able to use the wifi on one of them, although it was a while back now. (Don't really need sudo for ping of course, I just copy pasted the details for future reference when I finally got it to work!) There was some preliminary investigation with arp-scan and tshark while figuring it out.
Based on this guide:
https://wiki.archlinux.org/title/Internet_sharing
Code: [Select]
$ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s25: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:21:70:a7:ad:18 brd ff:ff:ff:ff:ff:ff
3: wlp12s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
    link/ether 00:16:ea:5f:52:a0 brd ff:ff:ff:ff:ff:ff
$ sudo ip link set enp0s25 up
$ sudo ip addr add 10.20.246.234/24 dev enp0s25
$ sudo sysctl net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
$ sudo iptables -t nat -A POSTROUTING -o wlp12s0 -j MASQUERADE
$ sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
$ sudo iptables -A FORWARD -i enp0s25 -o wlp12s0 -j ACCEPT
$ sudo ping -c2 10.20.246.235
PING 10.20.246.235 (10.20.246.235) 56(84) bytes of data.
64 bytes from 10.20.246.235: icmp_seq=1 ttl=64 time=0.418 ms
64 bytes from 10.20.246.235: icmp_seq=2 ttl=64 time=0.375 ms

--- 10.20.246.235 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1027ms
rtt min/avg/max/mdev = 0.375/0.396/0.418/0.021 ms
$ cat /etc/resolv.conf
domain home
search home
nameserver 192.168.1.254

On the other laptop:
$ sudo ip link set enp2s0 up
$ sudo ip addr add 10.20.246.235/24 dev enp2s0
$ sudo ip route add default via 10.20.246.234 dev enp2s0
The content from /etc/resolv.conf shown above was copied to /etc/resolv.conf which was blank before.

Re: setting up a masquarade

Reply #2
If you don't use any firewall software, there's iptables-openrc which can offer some limited control of your iptables rules (but enough for your described needs).
Set your iptables rules in the command line and once satisfied save them, enable and start the service:
Code: [Select]
# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# iptables ...
# rc-service iptables save
iptables           | * Saving iptables state ...                          [ ok ]
# rc-update add iptables
 * service iptables added to runlevel default                             [ ok ]
# rc-service iptables start
iptables           | * Loading iptables state and starting firewall ...   [ ok ]
From now on, they will be applied at every boot. Or you can only save and apply them on demand, without enabling the service.

Re: setting up a masquarade

Reply #3
BINGO - thank you!