Debian router config

From The World according to Vissie
Jump to navigation Jump to search

Edit your /etc/network/interfaces:

 auto lo
 iface lo inet loopback

 # The primary network interface
 allow-hotplug eth0
 iface eth0 inet static

 # The secondary network interface
 allow-hotplug eth1
    iface eth1 inet static
ip route add dev eth1
sysctl -w net.ipv4.ip_forward=1

You can also make the setting permanent in `/etc/sysctl.conf by adding a line below to /etc/sysctl.conf:

net.ipv4.ip_forward = 1
sudo iptables -t nat -A POSTROUTING ! -d -o eth0 -j SNAT --to-source

We ended up using these rules:


sudo echo 1 > /proc/sys/net/ipv4/ip_forward
sudo iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT