Internet via IP Masquerading

The number of "blockchain" networks had grown considerably over time, in most cases coming as an alternative to internet subscriptions, often too expensive for the average novel. These not only considerably reduce the cost of the Internet, but also offer the advantage of file sharing between network users. If you are part of such a network and use a server that gives you access to the Internet, it is probably running Linux. If you have been wondering how to do this, here is a detailed explanation.

After concluding the contract for the Internet, the ISP (Internet Service Provider) provides you with the necessary data to connect. These consist of: IP address, gateway address, netmask and one or two DNS. With them and IP MASQUERADE you can become a small ISP for your network.

IP MASQUARADE and NAT

IP MASQUARADE is the process by which you transform your own IP address into a gateway for other "fake" IPs, located in the local network. The Linux server with the real address can filter packets coming in or out of the network, we still need to create a network using your ISP. To use the network you will need a method to save IP addresses, ie NAT (Network Address Translation ), which will change local addresses to public addresses when needed.

There are 3 areas reserved for local networks and these are: 10.0.0.0 - 10.255.255.255 - 172.16.0.0 - 172.31.255.255 - 192.168.0.0 - 192.168.255.255. Instructions for creating "false" addresses will be given through commands to iptables, most often in the form of a bash script. Here is a valid example suggested by Iancu Dragos: The two network cards on the server, eth0 and eth1 will be configured as follows:

eth0 - provider configurations

eth1 - ip 192.168.33.1

netmask 255.255.255.0

gateway: gateway provider dns1:

DNS 1 provider dns2:

NS 2 provider

Then install the script below in /etc/rc.d/
pico firetables - enter the text below, save (ctrl + o) and exit (ctrl + x)
chmod a + x firetables
pico /etc/rc.d/ rc.local

and add /etc/rc.d/firetables - to start the

firetables startup it must contain what is below:
#! / bin / sh IPEXT = "xxx.xxx.xxx.xxx" IPTABLES = "iptables" EXTIF = eth0 INTIF = eth1 LOCALNET = "192.168.0.1/255.255.255.0" echo 1> / proc / sys / net / ipv4 / tcp_syncookies echo 1> / proc / sys / net / ipv4 / icmp_echo_ignore_broadcasts echo 1> / proc / sys / net / ipv4 / ip_forward echo 1> / proc / sys / net / ipv4 / conf / all / log_martians echo 1> / proc / sys / net / ipv4 / conf / all / rp_filter echo 0> / proc / sys / net / ipv4 / conf / all / accept_source_route echo 0> / proc / sys / net / ipv4 / conf / all / accept_redirects echo 1> / proc / sys / net / ipv4 / ip_forward echo 'Flushing previous rules' $ IPTABLES -F $ IPTABLES -X CHAINS = `cat / proc / net / ip_tables_names 2> / dev / null` for i in $ CHAINS do $ IPTABLES -t $ i -F done; for i in $ CHAINS do $ IPTABLES -t $ i -X done; echo 'Internet access' iptables -t nat -A PREROUTING -i eth1 -s 192.168.0.
iptables -t nat -A POSTROUTING -o $ EXTIF -s $ LOCALNET -j SNAT --to-source
$ IPEXT

After the reboot you will have a local network that can connect to the Internet.