Official NixOS Wiki

Internet Connection Sharing: Difference between revisions

← Older editNewer edit →
Samasaur (talk | contribs)
3 edits
VisualWikitext
imported>Prateekrajgautam
No edit summary
Add persistent configuration to share a WiFi connection over Ethernet
Line 20: Line 20:
=== Configuration ===
=== Configuration ===


Persistent share an existing internet connection of a wired interface <code>eth0</code> using a wifi hotspot on <code>wlan0</code> with the access point name <code>My Wifi Hotspot</code>. The network is protected with a simple WPA2 pre-shared key <code>12345678</code>.
Persistently share an existing internet connection of a wired interface <code>eth0</code> using a wifi hotspot on <code>wlan0</code> with the access point name <code>My Wifi Hotspot</code>. The network is protected with a simple WPA2 pre-shared key <code>12345678</code>.


<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
Line 61: Line 61:
# Get handle_number with: nft -a list table nat
# Get handle_number with: nft -a list table nat
nft delete rule nat POSTROUTING handle <handle_number>
nft delete rule nat POSTROUTING handle <handle_number>
</syntaxhighlight>
=== Configuration ===
Persistently share an existing internet connection on interface `wlan0` to clients connected on an ethernet interface `eth0`. Tested where `wlan0` is a wireless interface, but it should work with a different ethernet interface as well. You do not need to manually open port 53.
<syntaxhighlight lang="nix">
# Set a static IP on the "downstream" interface
networking.interfaces."eth0" = {
  useDHCP = false;
  ipv4.addresses = [{
    address = "10.0.0.1";
    prefixLength = 24;
  }];
};
networking.firewall.extraCommands = ''
  # Set up SNAT on packets going from downstream to the wider internet
  iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
  # Accept all connections from downstream. May not be necessary
  iptables -A INPUT -i enp2s0 -j ACCEPT
'';
# Run a DHCP server on the downstream interface
services.kea.dhcp4 = {
  enable = true;
  settings = {
    interfaces-config = {
      interfaces = [
        "eth0"
      ];
    };
    lease-database = {
      name = "/var/lib/kea/dhcp4.leases";
      persist = true;
      type = "memfile";
    };
    rebind-timer = 2000;
    renew-timer = 1000;
    subnet4 = [
      {
        id = 1;
        pools = [
          {
            pool = "10.0.0.2 - 10.0.0.255";
          }
        ];
        subnet = "10.0.0.1/24";
      }
    ];
    valid-lifetime = 4000;
    option-data = [{
      name = "routers";
      data = "10.0.0.1";
    }];
  };
};
</syntaxhighlight>
</syntaxhighlight>


[[Category:Networking]]
[[Category:Networking]]
Retrieved from "https://wiki.nixos.org/wiki/Internet_Connection_Sharing"