Mageia 7, Internet Sharing for laptop

Mageia 7, Internet Sharing for laptop

Postby floppy » Oct 4th, '20, 04:08

I have a laptop running Mageia 7
it connects via wifi to the internet ( 4G wifi modem ) no problems

I want to share the internet via a wired LAN
and have done so via the MCC -network sharing
and another Magiea computer on the wired LAN
can see that the internet is there
and is able to detect the gateway and dhcp servers
but cant display any webpages

I suspect this is due to the firewall on the laptop
can someone point me to a how-to / tutorial to allow the firewall
to give access to the other computers on the wired LAN

thanks
floppy
 
Posts: 60
Joined: Feb 19th, '12, 04:16

Re: Mageia 7, Internet Sharing for laptop

Postby jiml8 » Oct 4th, '20, 07:22

You need to set up some iptables rules to enable traffic to flow. I presume you will want to do NAT across the laptop.

Here is a small firewall that I use on a raspberry pi running the raspbian OS. This pi is set up to be a VPN gateway on my LAN; I have some of my other devices use it as a gateway and their traffic flows out to the internet via a VPN. This traffic arrives from the LAN on the eth0 interface and leaves on the proton0 interface.

The structure of the firewall is exactly what you need on your laptop, though you will have to fiddle a bit with the details.

Code: Select all
cat /usr/local/bin/firewall.sh
#!/usr/bin/env bash

echo 1 >/proc/sys/net/ipv4/ip_forward

# Clear all rules
iptables -F
iptables -t nat -F

# Default drop incoming
iptables -P INPUT DROP

# Don't forward traffic
iptables -P FORWARD DROP

# Allow outgoing traffic
iptables -P OUTPUT ACCEPT

# Allow localhost traffic
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# block any traffic that does not belong to our lan
iptables -A INPUT -i eth0  -j ACCEPT
iptables -A INPUT -i proton0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -j DROP

# enable traffic from the lan to the vpn tunnel
iptables -t nat -A POSTROUTING  -o proton0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o proton0 -j ACCEPT
iptables -A FORWARD -i proton0  -m state --state ESTABLISHED,RELATED -j ACCEPT
jiml8
 
Posts: 1126
Joined: Jul 7th, '13, 18:09


Return to Networking

Who is online

Users browsing this forum: No registered users and 1 guest