Internet Connection Sharing using iptables

It is very easy to setup an internet connection sharing in Linux system using iptables. This method can be used to share an internet connection from a Linux system(I used Fedora Core 6, but it should work on other distributions that support iptables). Another method of doing this is using a proxy server like squid.

Enable IP forwarding
Run as root sysctl -w net.ipv4.ip_forward=1 To enable it in system startup, edit the file /etc/sysctl.conf and set net.ipv4.ip_forward = 1

iptables
Run command as root
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE service iptables save

Configuration
The configuration should be like this

Router
Connected to the internet provider IP : 192.168.1.1

Internet Connected System

eth0 (LAN Card 1) Connected to router IP : 192.168.1.10 Netmask : 255.255.255.0 Gateway : 192.168.1.1 (IP of the router) eth1 (LAN Card 2) Connected to the other system IP : 192.168.0.20 (Not the same network as the first card) Netmask : 255.255.255.0 Gateway : 192.168.1.1 (IP of the router)

Second System
LAN Card connected to the first system IP : 192.168.0.30 Netmask : 255.255.255.0 Gateway : 192.168.0.20 (IP of the second Card in the first system)

Disclaimer
Linux networks is not a subject I am an expert on. So take my advice with a pinch of salt. The above procedure worked for me. YMMV.

Status
Some results of various commands are shown here. Check to see if it matches the result on your system.
# iptables -t nat -L POSTROUTING Chain POSTROUTING (policy ACCEPT) target prot opt source MASQUERADE all -- anywhere # cat /proc/sys/net/ipv4/ip_forward 1 # iptables -L Chain INPUT (policy ACCEPT) target prot opt source Chain FORWARD (policy ACCEPT) target prot opt source Chain OUTPUT (policy ACCEPT) target prot opt source destination anywhere

destination destination destination