I find myself wanting to set these things up all the time, and I never remember how.

Here is a little shellscript to setup NAT assuming eth0 connects to the real world and tun1 is my internal interface.

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

# Set up IP FORWARDing and Masquerading
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface tun1 -j ACCEPT

Here are the contents of /etc/dhcp3/dhcpd.conf (put there by Debian package dhcp3-server).

subnet netmask {
option subnet-mask;
option broadcast-address;
option routers;

I learned most of this from here.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s