ctheroux.com
Share share
Menu menu
Close menu cancel

How To Setup an Internet Gateway using Ubuntu

L'Antre du Tryphon

schedule
2015-02-18 | 19:34h
update
2015-02-18 | 19:36h
person
www.ctheroux.com
domain
www.ctheroux.com

How To Setup an Internet Gateway using Ubuntu

Setting up an Internet Gateway using Ubuntu is pretty straight forward. In order to do so, you will need:

  1. A computer with two network interfaces. One hooked to your WAN connection, the other one to your LAN.
  2. The computer needs Ubuntu installed with a minimum of software installed.
  3. Copy the script below to your gateway machine in /etc/network/if-up.d/00-my-gateway. Make sure that the script has the execute permission.
  4. Update the LAN and WAN variables in the script. For example, if eth0 is your WAN interface and eth1 is your LAN interface, then set WAN=eth0 and LAN=eth1.
  5. Reboot.
Advertisement

This script configures the Ubuntu Firewall to forward LAN traffic to the Internet but drops all unsolicited incoming traffic from the Internet. Your network will be stealth. You can use the online tool ShiedlsUP! at https://www.grc.com to test it.


#!/bin/bash

PATH=/usr/sbin:/sbin:/bin:/usr/bin

# Interfaces
LAN=lan
WAN=wan

#
# Delete all existing rules.
#
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X

# Enable routing.
echo 1 > /proc/sys/net/ipv4/ip_forward

# Loopback traffic.
iptables -A INPUT -i lo -j ACCEPT

# Allow established connections.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -i $LAN -j ACCEPT
iptables -A FORWARD -i $WAN -o $LAN -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow connections from the $LAN to the $WAN.
iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT

# Enable masquerading.
iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE

# No forwarding from the $WAN to the $LAN.
iptables -A FORWARD -i $WAN -o $WAN -j DROP

# Drop everything else from the WAN ... Stealth mode.
iptables -A INPUT -i $WAN -j DROP

Advertisement
Imprint
Responsible for the content:
www.ctheroux.com
Privacy & Terms of Use:
www.ctheroux.com
Mobile website via:
WordPress AMP Plugin
Last AMPHTML update:
19.04.2024 - 03:52:37
Privacy-Data & cookie usage: