Ubuntu and Debian Internet Gateway (IP Masquerading)

This is a step by step tutorial how to make an Internet Gateway using Debian or Ubuntu machine.

1. Configure your NIC

Add two network cards to your pc and install Debian or Ubuntu (I will prefer Debian etch or Ubuntu Dapper). Configure the ip address of your network cards.

Your network card configuration should be look like this:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
    address 192.168.0.2
    netmask 255.255.255.0
    gateway 192.168.0.1

auto eth1
iface eth1 inet static
    address 192.168.1.1
    netmask 255.255.255.0

Edit your /etc/resolv.conf file and add the ip address of your DNS server.

Your resolv.conf file should look like this:

nameserver XXX.XXX.XXX.XXX
nameserver XXX.XXX.XXX.XXX

2. Host configuration

Edit your hostname information in /etc/hostname

Edit your /etc/hosts file similar to this:

127.0.0.1       localhost.localdomain   localhost       server
192.168.0.100   server.example.com     server

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Reload your network configuration.

3. Flush iptables configurations

4. Enable IP forwarding

5. Enable ip masquerading

We will create a script to make sure that ip_forwarding and the iptables config loads at every
startup. To do this, we will create /etc/init.d/iptables

and put the following into it.

#! /bin/sh
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables-restore < /etc/iptables.conf

Save the file, then make it executable:

Make the iptables starts on boot

Reboot your computer and configure the clients connected to your server. You can also install DHCP server to automatically manage your clients connection.

6. Install DHCP server

Install dhcp3 server using this command:

Backup your dhcp server configuration

Edit your original dhcpd.conf and copy this configuration. This will work in a simple Internet Gateway.

authoritative;
subnet 192.168.1.0 netmask 255.255.255.0 {
        range                           192.168.1.100 192.168.1.200;
        option domain-name-servers      XXX.XXX.XXX.XXX,XXX.XXX.XXX.XXX;
        option routers                  192.168.1.1;
        default-lease-time              600;
        max-lease-time                  7200;
}

Start your dhcp server by typing this command.

Thats it and you have a working internet gateway with dhcp server.