July 8th, 2007

  • evan

quickly sharing a net connection

I seem to often (at least often enough to know I've done it more than a few times) need to quickly share a computer's net connection. This time it's because we had to pull the net connection from my desktop because the building was getting repainted; my laptop has wireless but my desktop doesn't. I always just barely remember how to do this each time I need to, so I may as well write it down even though it's relatively simple.

Three steps:
  1. Get the two computers speaking via IP. Pick addresses that aren't already used elsewhere. A fancy way of doing this might be avahi-autoipd, which implements 'IPv4LL, "Dynamic Configuration of IPv4 Link-Local Addresses" (IETF RFC3927)', but that's only in Ubuntu feisty. In any case you need to tell the internet-less machine to route through the gateway one (as well as give it the upstream DNS server address).
  2. Tell the laptop machine to forward packets routed to it:
    echo 1 > /proc/sys/net/ipv4/ip_forward
  3. Tell iptables to masquerade (NAT) packets going out the wireless interface:
    iptables -t nat -A POSTROUTING -o ath0 -j MASQUERADE
This probably has security problems (I imagine maybe other machines on the wireless could masquerade through the laptop) but it's fine in a private network setting. To undo, echo 0 into the IP forwarding control and clear ("flush") the nat iptable:
    iptables -t nat -F
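
A tighter variant of the three steps, as an added example that is not part of the original post: it forwards only traffic arriving from the wired side, so hosts on the wireless network cannot route through the laptop, and its undo deletes exactly the rules it added instead of flushing the whole nat table. The wired interface name eth0, the script name share.sh and the availability of the conntrack match are assumptions; ath0 is the interface from the post.

```shell
#!/bin/sh
# Added example, not from the original post. eth0 is an assumed name for the
# wired link to the desktop; ath0 is the wireless interface used in the post.

# Print the rules for one action: A (append, to enable) or D (delete, to undo).
share_rules() {
    action=$1 lan_if=$2 wan_if=$3
    case $action in
        A|D) ;;
        *) echo "action must be A or D" >&2; return 1 ;;
    esac
    if [ -z "$lan_if" ] || [ -z "$wan_if" ] || [ "$lan_if" = "$wan_if" ]; then
        echo "need two different interface names" >&2; return 1
    fi
    # Order matters when appending: replies are accepted before the final DROP.
    cat <<EOF
iptables -t nat -$action POSTROUTING -o $wan_if -j MASQUERADE
iptables -$action FORWARD -i $lan_if -o $wan_if -j ACCEPT
iptables -$action FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -$action FORWARD -i $wan_if -j DROP
EOF
}

# Run the generated rules; stops at the first failing command.
apply_rules() {
    rules=$(share_rules "$@") || return 1
    printf '%s\n' "$rules" | sh -e
}

# Usage (as root): sh share.sh up|down [lan_if] [wan_if]
# share.sh is a hypothetical file name for this script.
case ${1:-} in
    up)
        echo 1 > /proc/sys/net/ipv4/ip_forward
        apply_rules A "${2:-eth0}" "${3:-ath0}"
        ;;
    down)
        apply_rules D "${2:-eth0}" "${3:-ath0}"
        echo 0 > /proc/sys/net/ipv4/ip_forward
        ;;
esac
```

ACCEPT rules already present earlier in the FORWARD chain still match first, so check the result with iptables -L FORWARD -v -n after enabling.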