Difference between revisions of "Debian as router"
Jump to navigation
Jump to search
Rafahsolis (talk | contribs) |
Rafahsolis (talk | contribs) |
||
| Line 31: | Line 31: | ||
= With SystemD = | = With SystemD = | ||
| − | == | + | == Start Script == |
<source lang="bash">#!/bin/bash | <source lang="bash">#!/bin/bash | ||
Ariel=15.17.170.200 | Ariel=15.17.170.200 | ||
| Line 60: | Line 60: | ||
add_nat ${Mapper} | add_nat ${Mapper} | ||
sudo iptables -t nat --line-numbers -L -n -v<source> | sudo iptables -t nat --line-numbers -L -n -v<source> | ||
| + | |||
| + | == Stop Script == | ||
| + | <source lang="bash">#!/bin/bash | ||
| + | sudo sysctl -w net.ipv4.ip_forward=0 | ||
| + | |||
| + | function clear_nat { | ||
| + | for i in $( sudo iptables -t nat -L -n -v --line-numbers | grep ^[0-9] | awk '{ print $1 }' ) | ||
| + | do sudo iptables -t nat -D POSTROUTING 1 | ||
| + | done | ||
| + | } | ||
| + | |||
| + | function add_nat { | ||
| + | sudo iptables -t nat -A POSTROUTING -s ${1}/32 -o tun0 -j MASQUERADE | ||
| + | } | ||
| + | |||
| + | clear_nat | ||
| + | sudo iptables -t nat --line-numbers -L -n -v | ||
| + | </source> | ||
Revision as of 12:02, 30 October 2018
Make a debian box router
Enable routing
Temporal
sudo sysctl -w net.ipv4.ip_forward=1 #
Permanent
sudo nano /etc/sysctl.conf net.ipv4.ip_forward = 1
Create NAT rule at IPTABLES
sudo iptables -t nat -A POSTROUTING -s 15.17.170.215/32 -o tun0 -j MASQUERADE
List iptables NAT rules
sudo iptables -t nat -L -n -v
Delete NAT rule
- List the rules with line numbers
sudo iptables -t nat -v -L POSTROUTING -n --line-number Chain POSTROUTING (policy ACCEPT 241 packets, 23342 bytes) num pkts bytes target prot opt in out source destination 1 2 168 MASQUERADE all -- * tun0 15.17.170.215 0.0.0.0/0 2 250 15024 MASQUERADE all -- * tun0 15.17.164.7 0.0.0.0/0 3 16409 1098K MASQUERADE all -- * tun0 15.17.165.42 0.0.0.0/0
- If you want to delete the rule: 3 16409 1098K MASQUERADE all -- * tun0 15.17.165.42 0.0.0.0/0
sudo iptables -t nat -D POSTROUTING 3
Add route to linux
ip route add 10.0.192.0/18 via 15.17.160.217 dev eth0
With SystemD
Start Script
#!/bin/bash
Ariel=15.17.170.200
Arrow=15.17.169.59
Carabanchel=15.17.170.206
Marito=15.17.160.181
CarlosDuque=15.17.170.138
Mapper=15.17.163.102
sudo sysctl -w net.ipv4.ip_forward=1
function clear_nat {
for i in $( sudo iptables -t nat -L -n -v --line-numbers | grep ^[0-9] | awk '{ print $1 }' )
do sudo iptables -t nat -D POSTROUTING 1
done
}
function add_nat {
sudo iptables -t nat -A POSTROUTING -s ${1}/32 -o tun0 -j MASQUERADE
}
clear_nat
add_nat ${Ariel}
add_nat ${Carabanchel}
add_nat ${Arrow}
add_nat ${CarlosDuque}
add_nat ${Marito}
add_nat ${Mapper}
sudo iptables -t nat --line-numbers -L -n -v<source>
== Stop Script ==
<source lang="bash">#!/bin/bash
sudo sysctl -w net.ipv4.ip_forward=0
function clear_nat {
for i in $( sudo iptables -t nat -L -n -v --line-numbers | grep ^[0-9] | awk '{ print $1 }' )
do sudo iptables -t nat -D POSTROUTING 1
done
}
function add_nat {
sudo iptables -t nat -A POSTROUTING -s ${1}/32 -o tun0 -j MASQUERADE
}
clear_nat
sudo iptables -t nat --line-numbers -L -n -v