NAT, DNS & DHCP in Debian

NAT ( good with PPPoE)
Create script:
sudo vim /etc/nat

# Включаем форвардинг пакетов
echo 1 > /proc/sys/net/ipv4/ip_forward
# Разрешаем трафик на loopback-интерфейсе
iptables -A INPUT -i lo -j ACCEPT
# Разрешаем доступ из внутренней сети наружу
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
# Включаем NAT
iptables -t nat -A POSTROUTING -o eth0 -s -j MASQUERADE
# Разрешаем ответы из внешней сети
iptables -A FORWARD -i eth0 -m state –state ESTABLISHED,RELATED -j ACCEPT
# Запрещаем доступ снаружи во внутреннюю сеть
iptables -A FORWARD -i eth0 -o eth1 -j REJECT

For autoload script add: post-up /etc/nat to the file  /etc/network/interfaces
give rights for execute:
sudo chmod +x /etc/nat
reload network:
sudo /etc/init.d/networking restart
If never admitted mistakes it should works. For check point in local network machine as a gateway and DNS address of our router: and ping any external address, for example, one of the OpenDNS servers:

sudo apt-get install dnsmasq
Open /etc/dnsmasq.conf, found, uncomment and change to this (will accept DNS requests from local network):
Reload DNS server:
sudo /etc/init.d/dnsmasq restart
Now Internet should work.

Open /etc/dnsmasq.conf.
Add or change line:
DNS server address, and gateway server recovers automatically from the system settings. Once again restart Dnsmasq:
sudo /etc/init.d/dnsmasq restart
View reserved addresses can be showen by the command:
cat /var/log/syslog | grep DHCPOFFER

Leave a comment