.TL NAT+ .AU tropf .AB quick introduction into forwarding your connection from one interface to another .AE .DA . .PP This guide explains how you can share your internet connection with other devices using NAT and setup a DHCP server so connected devices are automatically configured. . .NH 1 Preface .NH 2 Goal .PP Afterwards you can connect to the device via e.g. ethernet and you automatically get an IP address via DHCP and all traffic will be tunneled and forwarded through the device. . .NH 2 Limitations .PP This guide will not cover: .ULS .LI connecting to an existing network .CW "wpa_supplicant" ")" "(see: " .LI creating a wifi hotspot .ULE . .NH 2 Conventions & Preconditions .PP The following names will be used throughout the guide and can be changed according to your setup. . .TS nospaces center tab(|); lB lB fC l. Name | Meaning wlan0 | connected to an internet uplink eth0 | device that the connection will be forwarded to 10.0.0.1 | IP address of \fCeth0 10.0.0.0/24 | subnet of \fCeth0\fR .TE . .NH 2 Indexing .PP This section contains alternative titles and topics of this article that can be used to build a search index. .PP search tags: . .CB raspberry pi raspberrypi dnsmasq dhcp static share sharing bridge bridging reverse router nat wifi wlan .CE . .PP alternative titles: .ULS .LI how to set up a router .LI how to turn wifi into ethernet .LI sharing a network connection .ULE . .NH 1 Setting a Static IP Address .PP .CW eth0 needs a static IP Address, because there is no DHCP server to get an address from. (If there is, skip this step.) . .NH 2 Setting the Actual Address .PP Create a file named .CW /etc/network/interfaces.d/eth0_static with this content: . .CB auto eth0 allow-hotplug eth0 iface eth0 inet static address 10.0.0.1 netmask 255.255.255.0 network 10.0.0.0 broadcast 10.0.0.255 .CE . .NH 2 Preventing DHCP From Interfering .PP By default the DHCP client will overwrite these settings. Tell them to not care about .CW eth0 . Insert this line into .CW /etc/dhcpcd.conf : . .CB denyinterfaces eth0 .CE . .NH 1 DHCP Server .PP There is no DHCP server behind .CW eth0 . We have to create one. (If there is, skip this step.) Install .CW dnsmasq . Create a file named .CW /etc/dnsmasq.d/dhcp_server.conf with this content: . .CB interface=eth0 # use interface eth0 listen-address=10.0.0.1 # explicitly specify the address to listen on bind-interfaces # Bind to the interface to make sure we aren't sending things elsewhere server=46.182.19.48 # the DNS server to be used. this one is run by digitalcourage e.v.; feel free to change it domain-needed # Don't forward short names bogus-priv # Never forward addresses in the non-routed address spaces. # Assign IP addresses between 10.0.0.50 and 10.0.0.150 with a 12 hour lease time dhcp-range=10.0.0.50,10.0.0.150,12 dhcp-option=3,10.0.0.1 # gateway which is connected to the internet -- this computer .CE . .NH 1 Forwarding .PP All incoming traffic on .CW eth0 should be forwarded and NATed to the uplink .CW wlan0 . . .NH 2 Enable Forwarding .PP Forwarding has to be enabled in the kernel. Uncomment or insert this line into .CW /etc/sysctl.conf : . .CB net.ipv4.ip_forward=1 .CE . .PP This will only be loaded on boot. Reload the file now using: . .CB .CE . .CB sysctl -p .CE . .NH 2 Setup iptables .PP Execute the following commands: . .CB sudo iptables -t filter -A FORWARD -i eth0 -j ACCEPT sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE .CE . .B "These rules are not persistent by default" "," so install .CW iptables-persistent and then execute: . .CB iptables-save > /etc/iptables/rules.v4 .CE . .NH 1 Troubleshooting .PP Things i do when things go wrong. . .ULS .LI reboot .LI .CW "sudo systemctl restart networking" .LI check config files .LI .CW "ip a" .LI rewrite config files, srsly .LI .CW "ip r" (especially check the default route) .LI .CW "apropos [problem]" "," .CW "man [program]" .LI get upset .LI .CW dmesg (look for .CW "link is not ready" without .CW "link becomes ready" afterwards) .LI .CW "sudo ss -tulpn" .ULE