simple Gateway

Installing and configuring DNSmasq 

DNSmasq is a DNS forwarder and DHCP server. Change “domain” to match the FQDN of your network and “dhcp-range” to the desired range of DHCP IP addresses that the router / gateway should assign to the clients on the private network.

apt-get update && apt-get upgrade
apt-get install dnsmasq
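nano -w /etc/dnsmasq.conf

Set the following options in the file. “interface” has to name the interface facing the private network; the firewall script further down treats eth0 as the LAN side and eth1 as the outside, so make sure both files use your interfaces consistently.

interface=eth1
listen-address=127.0.0.1
domain=your.domain.name
dhcp-range=10.0.0.100,10.0.0.150,12h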

Installing and configuring iptables 

First we will install some tools needed to automatically load stored iptables rules on the next reboot of the router / gateway.
During installation you are asked twice whether the current iptables rules should be saved; answer both questions with “Yes”.

apt-get install iptables-persistent

Iptables Enable rules

Save the text below as rules.sh

#!/bin/sh

PATH=/usr/sbin:/sbin:/bin:/usr/bin

#
# delete all existing rules.
#
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X

# Always accept loopback traffic
iptables -A INPUT -i lo -j ACCEPT


# Allow established connections, and those not coming from the outside
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW ! -i eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow outgoing connections from the LAN side.
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

# Masquerade.
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

# Don't forward from the outside to the inside.
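iptables -A FORWARD -i eth1 -o eth0 -j REJECT

Make the script executable and run it. iptables-persistent only restores rules that have been saved, so save the running rules to /etc/iptables/rules.v4 again after this step.

chmod +x rules.sh
./rules.sh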
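
Whether the FORWARD chain really blocks new connections from the outside can be checked against a rule listing. The script below is an added example, not part of the original article: it reads `iptables -S FORWARD` output and reports which rule, or the chain policy, decides a NEW packet between two interfaces. The function name and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). First-match verdict for a NEW
# packet forwarded from interface $1 to interface $2, computed from
# `iptables -S FORWARD` output on stdin. Assumption: only -i, -o and
# --state/--ctstate are evaluated (exact names, no "eth+" wildcards); any
# other match option is ignored, so treat the result as a quick sanity check.
forward_verdict() {
    awk -v inif="$1" -v outif="$2" '
    $1 == "-P" && $2 == "FORWARD" { policy = $3 }
    $1 == "-A" && $2 == "FORWARD" && verdict == "" {
        ok = 1; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") { target = $(i + 1); continue }
            if ($i == "-i")      hit = ($(i + 1) == inif)
            else if ($i == "-o") hit = ($(i + 1) == outif)
            else if ($i == "--state" || $i == "--ctstate")
                hit = (("," $(i + 1) ",") ~ /,NEW,/)
            else continue
            if ($(i - 1) == "!") hit = !hit   # "! -i eth1" style negation
            if (!hit) ok = 0
        }
        if (ok && target ~ /^(ACCEPT|DROP|REJECT)$/)
            verdict = target " (rule " NR ": " $0 ")"
    }
    END { print (verdict != "" ? verdict : policy " (chain policy)") }'
}

# Constructed sample: final REJECT only matches eth1 -> eth1.
rules_same_if() { cat <<'EOF'
-P FORWARD ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth1 -j REJECT --reject-with icmp-port-unreachable
EOF
}

# Constructed sample: final REJECT matches outside (eth1) -> LAN (eth0).
rules_wan_to_lan() { cat <<'EOF'
-P FORWARD ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j REJECT --reject-with icmp-port-unreachable
EOF
}

echo "eth1->eth1 reject, NEW eth1->eth0: $(rules_same_if | forward_verdict eth1 eth0)"
echo "eth1->eth0 reject, NEW eth1->eth0: $(rules_wan_to_lan | forward_verdict eth1 eth0)"
echo "LAN to outside,    NEW eth0->eth1: $(rules_wan_to_lan | forward_verdict eth0 eth1)"
# On the gateway itself: iptables -S FORWARD | forward_verdict eth1 eth0
```

A result of "ACCEPT (chain policy)" for eth1 to eth0 means no rule stopped the packet and only the default policy decided it.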

Enable IP forwarding

First, open the sysctl configuration file:

nano /etc/sysctl.conf

Then uncomment the following line:

net.ipv4.ip_forward = 1

Reboot and check if everything works 

That’s it! After a reboot, you have a simple router / gateway for your private network.

