Google Site SearchFN Site Search FN Blog Login FN Blog Login
Site Navigation:

HOWTO: Set up a Gateway for Internet Connection Sharing

by Gavin Henry


One of the most frequently questions I see on mailing lists, chat channels and newsgroups is "How do I set up Internet Connection sharing with Linux?" Well read on.


I will presume you already have an internet connection with a modem. Things that are needed:

  • A machine that is going to be the Gateway.
  • A modem for this machine and a network card for it.
  • A switch/hub for other client machines to connect to the Gateway.
  • A network card and cables for each client machine.
  • Iptables.

All of the configuration will be on the command line, so open up a terminal and become root by typing su -

edit /etc/sysconfig/networking/devices/ifcfg-eth0 and make it look like this:

Then restart networking:
service network restart

Check that iptables is installed by typing as root:

rpm -q iptables
If not
apt-get install iptables


lsmod | grep iptable_nat
If this comes up blank, you need to load the right module:
modprobe iptable_nat
Now (if you have not issued "su -" and only "su", you will need to add /sbin/ to most of these commands, i.e. /sbin/iptables and /sbin/service):
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
Save this by:
service iptables save
Enable ip forwarding by typing:
echo "1" > /proc/sys/net/ipv4/ip_forward
Edit /etc/sysctl.conf changing net.ipv4.ip_forward = 0 to 1 to keep this enabled at reboot. You make the system reread /etc/sysctl.conf by typing:
sysctl -p
to check you haven't made a typo.

You can also setup a DHCP server to allow your clients whether it be Windows® or Linux clients to be given a IP address with the Gateway details included. Download DHCP by:

apt-get install dhcp
and then as root, make /etc/dhcpd.conf look like:
ddns-update-style interim;

default-lease-time              600;
max-lease-time                  7200;

subnet netmask {
  option routers;
  option subnet-mask;
  option domain-name-servers,;
service dhcpd start
Now if DHCP is enabled on all your clients, then that is all you need to do. Use the setup command as root to checkout your network settings on your Fedora clients.

Well, that's it for now. For any comments or corrections, please e-mail me.