Linux – iptables forwarding between two interface

iptableslinuxnetworking

So I have a linux box with two wireless interfaces, one is a station and the other an AP.

wlan0 (station) – Connected to the internet connection

wlan1 (AP) – Other clients connect to it.

I would like for clients connected to wlan1 to be able to access the internet on wlan0. And I'd like to do this with iptables as my kernel doesn't have bridging support…

Here's what I've tried so far with iptables but it's not working:

iptables -A FORWARD -i wlan0 -o wlan1 -j ACCEPT
iptables -A FORWARD -i wlan1 -o wlan0 -j ACCEPT

I'd appreciate any help.

Best Answer

First, to enable hosts connecting on your private interface to go out to the internet, you don't need bridging the interfaces, you need to route packets coming in on one interface, to the other one, where they go out to the wild.

To do that, you only need to:

Enable forwarding on your linux box:
Allow specific (or all of it) packets to traverse your router
As someone stated, as netfilter is a stateless firewall, allow traffic for already established connections

Change the source address on packets going out to the internet

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -i wlan1 -o wlan0 -j ACCEPT
iptables -A FORWARD -i wlan0 -o wlan1 -m state --state ESTABLISHED,RELATED \
         -j ACCEPT
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

That should do it.

Best Answer

Related Solutions

Iptables forwarding to a dumthe interface

Linux – Forwarding MySQL connection with iptables and differents network interfaces

Related Topic