Linux Internet Connection Sharing

Iptables is a well known program for its firewall and traffic filtering capabilities. But it also can be used to share our beloved Internet connection. And amazingly it’s relatively easy to setup a shared connection in Linux.

For this example I will be using a Fedora 9 x86_64 system with a wireless Ethernet device named wlan0

First you have to enable IP forwarding. Log in as root and type:

# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
# /sbin/iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
# /etc/init.d/iptables save

Now a little bit of theory on what the previous commands do.

The first command is mostly self explanatory; it just tells the system to activate the IP forwarding feature.
Next, the iptables command line defines a Routing Table of NAT (Network Address Translation) type which is used to hide (masquerade) an IP address space behind a single IP address in another address space.
Finally, the last command just saves the configuration.

At this point, the configuration is ready and the only thing left is to actually modify the machines network configuration:

Example Router Address:
IP: 192.168.1.1

First Computer (Connected to Internet):
IP: 192.168.1.10
Netmask: 255.255.255.0
Gateway: 192.168.1.1

Second Computer:
IP: 192.168.1.20
Netmask: 255.255.255.0
Gateway: 192.168.1.10

That’s it, now both computers share the same Internet connection… fast and simple.

Be aware that this is a very simple example of network sharing, not an Enterprise Level solution. There are many alternative ways… more “elegant” and more secure ways to share a connection (proxy servers, SSH encrypted tunnels, etc)… you might want to try different methods and go for the one that fits your needs.