33 lines
958 B
Markdown
33 lines
958 B
Markdown
Resources:
|
|
[archwiki-internet-sharing](https://wiki.archlinux.org/title/Internet_sharing#Configuration)
|
|
[archwiki-sysctl](https://wiki.archlinux.org/title/Sysctl#Configuration)
|
|
[kernel-sysctl](https://www.kernel.org/doc/html/latest//networking/ip-sysctl.html)
|
|
|
|
Remark: Many resources mention that all #firewall config should be executed in one go from a script.
|
|
They also mention to make sure to flush all previous rules/tables/chains before beginning the setup.
|
|
Order of rules matter.
|
|
|
|
*Check current settings*
|
|
```bash
|
|
sudo sysctl -a | grep forward
|
|
```
|
|
|
|
# Config
|
|
```
|
|
net.ipv4.conf.all.bc_forwarding = 0 # broadcast?
|
|
net.ipv4.conf.all.forwarding = 1 # Enable IP forwarding on this interface.
|
|
```
|
|
Latter above controls whether packets received _on_ this (in this case on _all_) interface can be forwarded.
|
|
|
|
```
|
|
net.ipv4.conf.all.mc_forwarding = 0 # Multicast routing
|
|
```
|
|
## Locations
|
|
### Preloaded
|
|
|
|
# Tags
|
|
#firewall #nat
|
|
#sysctl
|
|
#ip-forwarding
|
|
#masquerading
|