sharing internet to a windows machine
gebezis
2006-01-22, 09:26 AM CST
I want to share my internet connection on my Fedora machine to another Windows machine. I have two LAN cards. I have succeeded in making a connection between the 2 machines locally so I can see the other machine and it can see me, but the second one does not have internet. How do I do that? (I don't want to use any firewall like firestarter). I'm terribly new to linux.....
overule
2006-01-22, 09:36 AM CST
well.. if you are new to linux,
then firestarter is the easiest way to set it up ! otherwise you have to configure the iptables manually
AHanbali
2006-01-23, 04:56 AM CST
you may try to edit rc.local in /etc/ folder to append these lines
# Load iptables NAT module when required
modprobe iptable_nat
## Clear NAT IPTables
iptables -t nat --flush
## Enable Nating
iptables -t nat -A POSTROUTING -o EXTETH -s INTERNALNET -d 0/0 -j MASQUERADE
EXTETH: is the interface which is connected to the internet.
INTERNALNET: the internal network subnet such as (192.168.1.0/24)
and
edit /etc/sysctl.conf by setting the key net.ipv4.ip_forward to 1
then restart the linux box.
Trek1701
2006-01-23, 03:17 PM CST
AHanbali,
I've disabled firestarter, enabled fedora's firewall and edited "rc.local" as you said and also enabled the "ip forward" but my second box can't connect to internet... :(
AHanbali
2006-01-24, 01:57 AM CST
I'm sorry, I missed the two lines below;
append them into rc.local
iptables -A FORWARD -t filter -o EXTETH -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -t filter -i EXTETH -m state --state ESTABLISHED,RELATED -j ACCEPT
that's all I did to share internet to my private LAN.
giulix
2006-01-24, 03:24 AM CST
Make sure your second box has been configured to connect to the Internet through a gateway (your first box). This setting is pretty automatic if you use DHCP, but you have to specify it by hand in both windoze and Linux otherwise.
AHanbali
2006-01-24, 03:37 AM CST
Make sure your second box has been configured to connect to the Internet through a gateway (your first box). This setting is pretty automatic if you use DHCP, but you have to specify it by hand in both windoze and Linux otherwise.
that's right, the PCs in the private net must use the internal interface of the linux box as gateway,
in addition to configuring iptables.
Trek1701
2006-01-24, 07:42 PM CST
Thanks for the reply.
I'd like to check this:
EXTETH: is the interface which is connected to the internet.
I use adsl and the device is "ppp0" so I replace EXTETH with ppp0.
INTERNALNET: the internal network subnet such as (192.168.1.0/24)
On my Fedora box that is connected to internet my ethernet card has the ip: 192.168.0.1 gate: 255.255.255.0 so I replace INTERNALNET with 192.168.0.1/24.
Did I make it right?
Another thing. I've changed the file /proc/sys/net/ipv4/ip_forward to 1.
Trek1701
AHanbali
2006-01-25, 02:10 AM CST
yeah that's right,
INTERNALNET 192.168.0.1/24 for 192.168.0.1 subnet mask 255.255.255.0
please tell me the output of ipconfig!!!
Trek1701
2006-01-25, 11:25 AM CST
Ok, this is what I added to my rc.local:
# Load iptables NAT module when required
modprobe iptable_nat
## Clear NAT IPTables
iptables -t nat --flush
## Enable Nating
iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.0.1/24 -d 0/0 -j MASQUERADE
iptables -A FORWARD -t filter -o ppp0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -t filter -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
And this is my output for ifconfig:
eth0 Link encap:Ethernet Endereço de HW 00:01:02:C8:EE:E8
inet end.: 192.168.0.1 Bcast:192.168.0.255 Masc:255.255.255.0
endereço inet6: fe80::201:2ff:fec8:eee8/64 Escopo:Link
UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1
RX packets:139 errors:0 dropped:0 overruns:0 frame:0
TX packets:106 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:1000
RX bytes:12898 (12.5 KiB) TX bytes:11465 (11.1 KiB)
IRQ:9 Endereço de E/S:0xb800
eth1 Link encap:Ethernet Endereço de HW 00:01:03:E0:20:AF
inet end.: 169.254.251.163 Bcast:169.254.255.255 Masc:255.255.0.0
endereço inet6: fe80::201:3ff:fee0:20af/64 Escopo:Link
UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1
RX packets:950 errors:0 dropped:0 overruns:0 frame:0
TX packets:1086 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:1000
RX bytes:337122 (329.2 KiB) TX bytes:185151 (180.8 KiB)
IRQ:9 Endereço de E/S:0xb400
lo Link encap:Loopback Local
inet end.: 127.0.0.1 Masc:255.0.0.0
endereço inet6: ::1/128 Escopo:Máquina
UP LOOPBACKRUNNING MTU:16436 Métrica:1
RX packets:68 errors:0 dropped:0 overruns:0 frame:0
TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:0
RX bytes:11949 (11.6 KiB) TX bytes:11949 (11.6 KiB)
ppp0 Link encap:Protocolo Ponto-a-Ponto
inet end.: 201.1.91.189 P-a-P:200.100.11.66 Masc:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Métrica:1
RX packets:919 errors:0 dropped:0 overruns:0 frame:0
TX packets:1011 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:3
RX bytes:314952 (307.5 KiB) TX bytes:156058 (152.4 KiB)
Where eth0 is my local lan, eth1 is connected to my adsl modem and ppp0 is my internet.
Firestarter is disabled and fedora's firewall and iptables are enabled.
My second box still can't connect.
Trek1701
AHanbali
2006-01-26, 01:51 AM CST
I think everything is OK
the system must work OK
let's try this
run these commands from the command prompt
## Clear IP Tables
iptables --flush
iptables -t nat --flush
iptables -t mangle --flush
## enable loopback Adapter
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
## Connection Tracking Rules
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
## Enable NATing
iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.0.0/24 -d 0/0 -j MASQUERADE
make sure that the internal machine is configured to an IP in the subnet 192.168.0.0/24 and to use 192.168.0.1 as gateway.
-----------------------------------------
AHanbali
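
An added example, not part of any post in this thread: a shell function that reads iptables-save output and checks the three things the setup above depends on, namely ip_forward, a MASQUERADE rule on the external interface, and whether an appended FORWARD accept rule sits behind an earlier catch-all reject. The names audit_gateway and sample_rules are hypothetical and the sample ruleset is constructed; the check assumes a chain holding an unconditional REJECT/DROP has no RETURN rule.

```shell
#!/bin/sh
# Added example, not from the thread. Audits iptables-save output read on stdin.
# Usage on a live gateway (as root):
#   iptables-save | audit_gateway "$(cat /proc/sys/net/ipv4/ip_forward)" ppp0
# Assumption: a chain holding an unconditional REJECT/DROP has no RETURN rule.
audit_gateway() {   # $1 = ip_forward value, $2 = external interface
    awk -v fwd="$1" -v ext="$2" '
    /^\*/ { table = substr($0, 2); next }
    table == "nat" && $2 == "POSTROUTING" && /-j MASQUERADE/ &&
        index($0, " -o " ext " ") { masq = 1 }
    table == "filter" && /^:FORWARD / { policy = $2 }
    # Rule without match criteria: "-A <chain> -j <target> [options]"
    table == "filter" && $1 == "-A" && $3 == "-j" {
        if ($2 != "FORWARD" && ($4 == "REJECT" || $4 == "DROP")) dead[$2] = 1
        if ($2 == "FORWARD") { n++; jump[n] = $4; jpos[n] = ++pos; next }
    }
    # Every other FORWARD rule: remember the first accept towards ext
    table == "filter" && $1 == "-A" && $2 == "FORWARD" {
        pos++
        if (!acc && /-j ACCEPT/ && index($0, " -o " ext " ")) acc = pos
    }
    END {
        if (fwd != 1) print "ip_forward is " fwd ", expected 1"
        if (!masq) print "no MASQUERADE rule for " ext
        # First unconditional FORWARD rule that ends processing for all packets
        for (i = 1; i <= n; i++)
            if (jump[i] == "REJECT" || jump[i] == "DROP" || (jump[i] in dead)) {
                block = jpos[i]; break }
        if (!acc && policy != "ACCEPT")
            print "FORWARD never accepts traffic to " ext
        else if (acc && block && block < acc)
            print "FORWARD rule " acc " is shadowed by rule " block
    }'
}

# Constructed sample: a distribution firewall chain with rules appended after it.
sample_rules() { cat <<'EOF'
*nat
-A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -j RH-Firewall-1-INPUT
-A FORWARD -o ppp0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
sample_rules | audit_gateway 1 ppp0
```

An empty result means none of the three checks found a problem; rules added with -A only take effect if nothing earlier in the same chain already decides the packet.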