From 93217f7a3790bd3798125cb1360f9ea061ff9598 Mon Sep 17 00:00:00 2001
From: Geoffrey Thomas
Date: Sun, 1 Feb 2009 10:47:32 -0500
Subject: [PATCH] script to set up a NAT via Linux iptables

---
 iptables-nat.sh | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 iptables-nat.sh

diff --git a/iptables-nat.sh b/iptables-nat.sh
new file mode 100644
index 0000000..eb9e5f8
--- /dev/null
+++ b/iptables-nat.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+#
+# usage (e.g.): sudo sh iptables-nat.sh [public interface] [private interface]
+#
+# Sets up iptables on Linux 2.6 to run a NAT for all machines on the
+# private interface via the IP bound to the public interface. You should
+# manually configure a private RFC1918 network for the machines on the
+# private interface.
+#
+# Derived from the Linux IP masquerade HOWTO.
+
+public=${1:-ath0}
+private=${2:-eth0}
+
+# permit forwarding connections that have to do with the NAT
+iptables -A FORWARD -i $private -o $public -j ACCEPT
+iptables -A FORWARD -i $public -o $private -m state --state ESTABLISHED,RELATED -j ACCEPT
+
+# drop other connections, else the remaining commands will NAT public requests
+# routed to this machine
+iptables -P FORWARD DROP
+
+# enable NAT
+iptables -t nat -A POSTROUTING -o $public -j MASQUERADE
+
+# this is usually not on by default
+echo 1 > /proc/sys/net/ipv4/ip_forward
-- 
2.45.0
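Review bot: Nothing stops the script when a command fails, so if `iptables -P FORWARD DROP` or either FORWARD rule errors out, the MASQUERADE rule and `echo 1 > /proc/sys/net/ipv4/ip_forward` still run. The host then forwards under whatever FORWARD policy was already in place, which is the case the comment above the policy line warns about. Put `set -e` right after the header comment (or `|| exit 1` on each iptables call) so forwarding is switched on only once the filter rules are installed. `$public` and `$private` come from the command line and are expanded unquoted in all three rule lines; write `-i "$private" -o "$public"` and `-o "$public"` so an argument containing whitespace or glob characters cannot turn into extra iptables arguments. Because the rules are added with `-A`, each re-run appends duplicates to a chain that may already hold other rules, which the header comment should mention.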