Recently a dear friend of mine bought a laptop (I copied it, took a Samsung R610, it has installed on Ubuntu Desktop Edition 9.04), just arrived home, she is asked a question: How do I connect to the Internet?
The answer seems obvious but it is not, in fact, to connect to the Internet uses a "key" Vodafone 3G so it was not possible to plug into a switch to share the network. Sifting through a little on some manual Iptables I discovered something essential and I decided to write this guide.
What is iptables?
is the "firewall" of the kernel of Ubuntu and all Linux distributions.
Qualities: Ability to connect to the Internet via a PC server.
Disadvantages: The PC must remain on the server.
Step1) First we need to set up a network of servers, the DNS and give it a static IP address.
Abstract: The modem (Vodafone) is seen by the PC as a network card and then call it eth0)
now work on the server on the laptop (which in this case is the client)
Let's fix the DNS server (not required but is recommended); not I know that desktop use then use nano to edit configuration files (as is done on all servers). First command to the terminal is:
cd / etc
and the next is: sudo nano
resolvs.conf
will open a text editor inside the terminal (his name is nano) , consist of the DNS system default:
# Generated by NetworkManager nameserver 192.168.1.1
clear away and replace everything with OpenDNS. Erase them all and write this in the file.
# This is the new DNS
created by OpenDNS nameserver 208.67.222.222 nameserver 208.67.222.220
To save the file hold down the ctrl most O (the letter o as open).
Now we come to the tough part, that is to configure the IP address of the two network cards.
Also from terminal enter the command:
cd / etc / network
And then: sudo nano interfaces
The situation is complicated. Look at what you do, a figure that is not correct blocks all network server!
Let's make things more comfortable. Erase them all and put in the same data so we're clear.
auto eth0 iface eth0 inet dhcp #
and save (ctrl most O). As you can see now the internet modem (Vodafone) has a dhcp that he connects and manages all its ip, while the network card in your PC has a static IP (192.168.1.5).
2) Enable forwarding and configure iptables.
To enable all the key commands are required to be included in the terminal, do not ask me how they work (do not know anything about iptables)
Now the firewall is set to activate forwarding and run this command:
echo 1> / proc/sys/net/ipv4/ip_forward
Now the PC server will all packages on the internet eth1 card that has a cable that goes into the client. So now if you open the browser on the client should act.
These commands remain in office until you turn off the PC server, so let's make it bootable.
Issue the command:
sudo nano / etc / rc.local will reappear
our dear editor, this file is the script all the commands that we want to give the operating system during power pc.
Between these two lines # By default this script does nothing.
exit 0
enter commands to iptables and forwarding, and then get something like this:
# / bin / sh-e #
# rc.local # # This script is
Executed At the End of Each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
#commands for iptables and forwarding
modprobe ip_conntrack
modprobe ip_conntrack_ftp ip_nat_ftp
modprobe iptable_nat
modprobe ipt_MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.2.0/24 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
exit 0
Adesso il nostro server will always run from "gateway" to the client (in this case just one). We will see in a future article how to configure your client to work perfectly. A greeting
Now we come to the tough part, that is to configure the IP address of the two network cards.
Also from terminal enter the command:
cd / etc / network
And then: sudo nano interfaces
The situation is complicated. Look at what you do, a figure that is not correct blocks all network server!
Let's make things more comfortable. Erase them all and put in the same data so we're clear.
# This is the internet interface of the card
auto eth0 iface eth0 inet dhcp #
That This Is the interface control the internal card
# auto eth1 iface eth1 inet static address 192.168.1.5
netmask 255.255.255.0 network 192.168.2.0 broadcast
192,168. 1255 and save (ctrl most O). As you can see now the internet modem (Vodafone) has a dhcp that he connects and manages all its ip, while the network card in your PC has a static IP (192.168.1.5).
2) Enable forwarding and configure iptables.
To enable all the key commands are required to be included in the terminal, do not ask me how they work (do not know anything about iptables)
modprobe ip_conntrack modprobe
ip_conntrack_ftp ip_nat_ftp
modprobe iptable_nat modprobe
ipt_MASQUERADE
iptables-t nat-A POSTROUTING-o eth0-j MASQUERADE iptables-I
FORWARD-m state - state RELATED, ESTABLISHED-j ACCEPT iptables-A
FORWARD-s 192.168.2.0/24-j ACCEPT Now the firewall is set to activate forwarding and run this command:
echo 1> / proc/sys/net/ipv4/ip_forward
Now the PC server will all packages on the internet eth1 card that has a cable that goes into the client. So now if you open the browser on the client should act.
These commands remain in office until you turn off the PC server, so let's make it bootable.
Issue the command:
sudo nano / etc / rc.local will reappear
our dear editor, this file is the script all the commands that we want to give the operating system during power pc.
Between these two lines # By default this script does nothing.
exit 0
enter commands to iptables and forwarding, and then get something like this:
# / bin / sh-e #
# rc.local # # This script is
Executed At the End of Each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
#commands for iptables and forwarding
modprobe ip_conntrack
modprobe ip_conntrack_ftp ip_nat_ftp
modprobe iptable_nat
modprobe ipt_MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.2.0/24 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
exit 0
Adesso il nostro server will always run from "gateway" to the client (in this case just one). We will see in a future article how to configure your client to work perfectly. A greeting
0 comments:
Post a Comment