How do I forward eth0 to wlan0?












0















I tried to forward eth0 to wlan0 on my Raspberry Pi B+ using NAT on iptables with the following commands:



echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD --in-interface eth0 -j ACCEPT
iptables --table nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE



But it didn't work, when I tried to ping google.com I got ping: unknown host google.com on my laptop which is connected to the eth0 port on my Raspberry Pi B+. On my Raspberry Pi B+, I just have normal internet access from wlan0.
The IP adresses on my wifi network are looking so: 192.168.1.xxx.



How do I forward eth0 to wlan0?










share|improve this question

























  • 1) try to ping an IP, not a hostname. hostname resolve needs DNS too. 2) You say you have access on your RPI from Wlan. Then the in interface is the wifi, and out is eth0, isn't it? ( revsys.com/writings/quicktips/nat.html )

    – Shiki
    Nov 28 '15 at 10:19













  • If I ping an IP, I get host not reachable

    – wb9688
    Nov 28 '15 at 10:22











  • Okay then, how about those interfaces then? Which is input, which is output? Wlan0 is where you connect the internet, right? "On my Raspberry Pi B+, I just have normal internet access from wlan0."

    – Shiki
    Nov 28 '15 at 10:23













  • @Shiki Yes, wlan0 is connected to the internet

    – wb9688
    Nov 28 '15 at 10:24













  • What is the routing table on your laptop? ip route show.

    – MariusMatutiae
    Nov 28 '15 at 10:44
















0















I tried to forward eth0 to wlan0 on my Raspberry Pi B+ using NAT on iptables with the following commands:



echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD --in-interface eth0 -j ACCEPT
iptables --table nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE



But it didn't work, when I tried to ping google.com I got ping: unknown host google.com on my laptop which is connected to the eth0 port on my Raspberry Pi B+. On my Raspberry Pi B+, I just have normal internet access from wlan0.
The IP adresses on my wifi network are looking so: 192.168.1.xxx.



How do I forward eth0 to wlan0?










share|improve this question

























  • 1) try to ping an IP, not a hostname. hostname resolve needs DNS too. 2) You say you have access on your RPI from Wlan. Then the in interface is the wifi, and out is eth0, isn't it? ( revsys.com/writings/quicktips/nat.html )

    – Shiki
    Nov 28 '15 at 10:19













  • If I ping an IP, I get host not reachable

    – wb9688
    Nov 28 '15 at 10:22











  • Okay then, how about those interfaces then? Which is input, which is output? Wlan0 is where you connect the internet, right? "On my Raspberry Pi B+, I just have normal internet access from wlan0."

    – Shiki
    Nov 28 '15 at 10:23













  • @Shiki Yes, wlan0 is connected to the internet

    – wb9688
    Nov 28 '15 at 10:24













  • What is the routing table on your laptop? ip route show.

    – MariusMatutiae
    Nov 28 '15 at 10:44














0












0








0


1






I tried to forward eth0 to wlan0 on my Raspberry Pi B+ using NAT on iptables with the following commands:



echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD --in-interface eth0 -j ACCEPT
iptables --table nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE



But it didn't work, when I tried to ping google.com I got ping: unknown host google.com on my laptop which is connected to the eth0 port on my Raspberry Pi B+. On my Raspberry Pi B+, I just have normal internet access from wlan0.
The IP adresses on my wifi network are looking so: 192.168.1.xxx.



How do I forward eth0 to wlan0?










share|improve this question
















I tried to forward eth0 to wlan0 on my Raspberry Pi B+ using NAT on iptables with the following commands:



echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD --in-interface eth0 -j ACCEPT
iptables --table nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE



But it didn't work, when I tried to ping google.com I got ping: unknown host google.com on my laptop which is connected to the eth0 port on my Raspberry Pi B+. On my Raspberry Pi B+, I just have normal internet access from wlan0.
The IP adresses on my wifi network are looking so: 192.168.1.xxx.



How do I forward eth0 to wlan0?







iptables nat






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 2 '15 at 5:33







wb9688

















asked Nov 28 '15 at 9:03









wb9688wb9688

11118




11118













  • 1) try to ping an IP, not a hostname. hostname resolve needs DNS too. 2) You say you have access on your RPI from Wlan. Then the in interface is the wifi, and out is eth0, isn't it? ( revsys.com/writings/quicktips/nat.html )

    – Shiki
    Nov 28 '15 at 10:19













  • If I ping an IP, I get host not reachable

    – wb9688
    Nov 28 '15 at 10:22











  • Okay then, how about those interfaces then? Which is input, which is output? Wlan0 is where you connect the internet, right? "On my Raspberry Pi B+, I just have normal internet access from wlan0."

    – Shiki
    Nov 28 '15 at 10:23













  • @Shiki Yes, wlan0 is connected to the internet

    – wb9688
    Nov 28 '15 at 10:24













  • What is the routing table on your laptop? ip route show.

    – MariusMatutiae
    Nov 28 '15 at 10:44



















  • 1) try to ping an IP, not a hostname. hostname resolve needs DNS too. 2) You say you have access on your RPI from Wlan. Then the in interface is the wifi, and out is eth0, isn't it? ( revsys.com/writings/quicktips/nat.html )

    – Shiki
    Nov 28 '15 at 10:19













  • If I ping an IP, I get host not reachable

    – wb9688
    Nov 28 '15 at 10:22











  • Okay then, how about those interfaces then? Which is input, which is output? Wlan0 is where you connect the internet, right? "On my Raspberry Pi B+, I just have normal internet access from wlan0."

    – Shiki
    Nov 28 '15 at 10:23













  • @Shiki Yes, wlan0 is connected to the internet

    – wb9688
    Nov 28 '15 at 10:24













  • What is the routing table on your laptop? ip route show.

    – MariusMatutiae
    Nov 28 '15 at 10:44

















1) try to ping an IP, not a hostname. hostname resolve needs DNS too. 2) You say you have access on your RPI from Wlan. Then the in interface is the wifi, and out is eth0, isn't it? ( revsys.com/writings/quicktips/nat.html )

– Shiki
Nov 28 '15 at 10:19







1) try to ping an IP, not a hostname. hostname resolve needs DNS too. 2) You say you have access on your RPI from Wlan. Then the in interface is the wifi, and out is eth0, isn't it? ( revsys.com/writings/quicktips/nat.html )

– Shiki
Nov 28 '15 at 10:19















If I ping an IP, I get host not reachable

– wb9688
Nov 28 '15 at 10:22





If I ping an IP, I get host not reachable

– wb9688
Nov 28 '15 at 10:22













Okay then, how about those interfaces then? Which is input, which is output? Wlan0 is where you connect the internet, right? "On my Raspberry Pi B+, I just have normal internet access from wlan0."

– Shiki
Nov 28 '15 at 10:23







Okay then, how about those interfaces then? Which is input, which is output? Wlan0 is where you connect the internet, right? "On my Raspberry Pi B+, I just have normal internet access from wlan0."

– Shiki
Nov 28 '15 at 10:23















@Shiki Yes, wlan0 is connected to the internet

– wb9688
Nov 28 '15 at 10:24







@Shiki Yes, wlan0 is connected to the internet

– wb9688
Nov 28 '15 at 10:24















What is the routing table on your laptop? ip route show.

– MariusMatutiae
Nov 28 '15 at 10:44





What is the routing table on your laptop? ip route show.

– MariusMatutiae
Nov 28 '15 at 10:44










2 Answers
2






active

oldest

votes


















0














iptables allows you to filter traffic, and set up the NAT translations as you've done, but it doesn't actually have anything to do with setting up your device as a router to forward traffic between two interfaces.  The only command that actually does anything related to that is the ip_forward one.  The rest is all down to your IP setup on both the Pi and your laptop. 



(to clarify, your second line does tell iptables to permit traffic coming in on eth0 and FORWARDed to anywhere but the Pi itself, but it doesn't actually permit traffic flowing the other way so its useless by itself, and it's only relevant if you've set iptables to drop all FORWARD traffic by default)



So if the Pi itself has internet access, the real questions you need to address are:




  • what is the IP setup on the eth0 side of your network, does everything line up so your laptop can communicate normally with the Pi, and is your laptop using the Pi's eth0 address as a gateway?


  • If you have changed iptables enough to default deny all FORWARD traffic and only the rules above are in effect, you rule above ensures packets can get out but no reply can get back, so what do you actually want iptables to filter?







share|improve this answer
























  • That commands were what I found somewhere on the internet. I never changed some iptables settings. What do I have to set up on the eth0 side?

    – wb9688
    Dec 1 '15 at 18:48











  • @wb9688 - A different local network than what the wlan0 side has, so that the Pi can tell the two apart, should be all that's needed. Your laptop should have a different IP on the same network, and have a gateway that is the Pi's address. The nat table with the MASQ target should prevent you from needing more. Details would depend on the IPs that are assigned (or in wlans case, obtained from whatever access point) now, on both sides of the Pi and the laptop, So comment that in or add it to your question please.

    – Radhil
    Dec 1 '15 at 23:33





















0














At least shown commands look correct. If this isn't a complete firewall configuration you've using on Raspberry Pi, i.e. if you have have other rules or have changed default forwarding policy (it is ACCEPT by default, changed with iptables -P), you also probably need to enable reply traffic, by adding state match:



iptables -I FORWARD 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT


This will enable connection tracker to detect reply packets as belonging to the same connection originated on the inside interface and accept them.



I cant't remember for sure, if Raspberry Pi kernel hasn't enabled conntrack match, you have to use (old, deprecated) state extension instead:



iptables -I FORWARD 1 -m state --state ESTABLISHED,RELATED -j ACCEPT


You have to enter only one of these. I prefer to adding this as first rule in the chain.



The eth0 interface on Raspberry Pi and your computer behind it should have addresses from another network. For example, you can use 192.168.10.1/24 (or /255.255.255.0 which is the same) on RasPi and 192.168.10.2 on target host.



On the target host you set eth0 address of RasPi (192.168.10.1 in previous example) as the default gateway, and DNS servers to the same as set on your RasPi. You can inspect which servers RasPi uses by issuing on it: cat /etc/resolv.conf, and look to 'nameserver' entries. Or you can just set up google public DNS (8.8.8.8, 8.8.4.4).






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1006468%2fhow-do-i-forward-eth0-to-wlan0%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    iptables allows you to filter traffic, and set up the NAT translations as you've done, but it doesn't actually have anything to do with setting up your device as a router to forward traffic between two interfaces.  The only command that actually does anything related to that is the ip_forward one.  The rest is all down to your IP setup on both the Pi and your laptop. 



    (to clarify, your second line does tell iptables to permit traffic coming in on eth0 and FORWARDed to anywhere but the Pi itself, but it doesn't actually permit traffic flowing the other way so its useless by itself, and it's only relevant if you've set iptables to drop all FORWARD traffic by default)



    So if the Pi itself has internet access, the real questions you need to address are:




    • what is the IP setup on the eth0 side of your network, does everything line up so your laptop can communicate normally with the Pi, and is your laptop using the Pi's eth0 address as a gateway?


    • If you have changed iptables enough to default deny all FORWARD traffic and only the rules above are in effect, you rule above ensures packets can get out but no reply can get back, so what do you actually want iptables to filter?







    share|improve this answer
























    • That commands were what I found somewhere on the internet. I never changed some iptables settings. What do I have to set up on the eth0 side?

      – wb9688
      Dec 1 '15 at 18:48











    • @wb9688 - A different local network than what the wlan0 side has, so that the Pi can tell the two apart, should be all that's needed. Your laptop should have a different IP on the same network, and have a gateway that is the Pi's address. The nat table with the MASQ target should prevent you from needing more. Details would depend on the IPs that are assigned (or in wlans case, obtained from whatever access point) now, on both sides of the Pi and the laptop, So comment that in or add it to your question please.

      – Radhil
      Dec 1 '15 at 23:33


















    0














    iptables allows you to filter traffic, and set up the NAT translations as you've done, but it doesn't actually have anything to do with setting up your device as a router to forward traffic between two interfaces.  The only command that actually does anything related to that is the ip_forward one.  The rest is all down to your IP setup on both the Pi and your laptop. 



    (to clarify, your second line does tell iptables to permit traffic coming in on eth0 and FORWARDed to anywhere but the Pi itself, but it doesn't actually permit traffic flowing the other way so its useless by itself, and it's only relevant if you've set iptables to drop all FORWARD traffic by default)



    So if the Pi itself has internet access, the real questions you need to address are:




    • what is the IP setup on the eth0 side of your network, does everything line up so your laptop can communicate normally with the Pi, and is your laptop using the Pi's eth0 address as a gateway?


    • If you have changed iptables enough to default deny all FORWARD traffic and only the rules above are in effect, you rule above ensures packets can get out but no reply can get back, so what do you actually want iptables to filter?







    share|improve this answer
























    • That commands were what I found somewhere on the internet. I never changed some iptables settings. What do I have to set up on the eth0 side?

      – wb9688
      Dec 1 '15 at 18:48











    • @wb9688 - A different local network than what the wlan0 side has, so that the Pi can tell the two apart, should be all that's needed. Your laptop should have a different IP on the same network, and have a gateway that is the Pi's address. The nat table with the MASQ target should prevent you from needing more. Details would depend on the IPs that are assigned (or in wlans case, obtained from whatever access point) now, on both sides of the Pi and the laptop, So comment that in or add it to your question please.

      – Radhil
      Dec 1 '15 at 23:33
















    0












    0








    0







    iptables allows you to filter traffic, and set up the NAT translations as you've done, but it doesn't actually have anything to do with setting up your device as a router to forward traffic between two interfaces.  The only command that actually does anything related to that is the ip_forward one.  The rest is all down to your IP setup on both the Pi and your laptop. 



    (to clarify, your second line does tell iptables to permit traffic coming in on eth0 and FORWARDed to anywhere but the Pi itself, but it doesn't actually permit traffic flowing the other way so its useless by itself, and it's only relevant if you've set iptables to drop all FORWARD traffic by default)



    So if the Pi itself has internet access, the real questions you need to address are:




    • what is the IP setup on the eth0 side of your network, does everything line up so your laptop can communicate normally with the Pi, and is your laptop using the Pi's eth0 address as a gateway?


    • If you have changed iptables enough to default deny all FORWARD traffic and only the rules above are in effect, you rule above ensures packets can get out but no reply can get back, so what do you actually want iptables to filter?







    share|improve this answer













    iptables allows you to filter traffic, and set up the NAT translations as you've done, but it doesn't actually have anything to do with setting up your device as a router to forward traffic between two interfaces.  The only command that actually does anything related to that is the ip_forward one.  The rest is all down to your IP setup on both the Pi and your laptop. 



    (to clarify, your second line does tell iptables to permit traffic coming in on eth0 and FORWARDed to anywhere but the Pi itself, but it doesn't actually permit traffic flowing the other way so its useless by itself, and it's only relevant if you've set iptables to drop all FORWARD traffic by default)



    So if the Pi itself has internet access, the real questions you need to address are:




    • what is the IP setup on the eth0 side of your network, does everything line up so your laptop can communicate normally with the Pi, and is your laptop using the Pi's eth0 address as a gateway?


    • If you have changed iptables enough to default deny all FORWARD traffic and only the rules above are in effect, you rule above ensures packets can get out but no reply can get back, so what do you actually want iptables to filter?








    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Dec 1 '15 at 15:39









    RadhilRadhil

    25616




    25616













    • That commands were what I found somewhere on the internet. I never changed some iptables settings. What do I have to set up on the eth0 side?

      – wb9688
      Dec 1 '15 at 18:48











    • @wb9688 - A different local network than what the wlan0 side has, so that the Pi can tell the two apart, should be all that's needed. Your laptop should have a different IP on the same network, and have a gateway that is the Pi's address. The nat table with the MASQ target should prevent you from needing more. Details would depend on the IPs that are assigned (or in wlans case, obtained from whatever access point) now, on both sides of the Pi and the laptop, So comment that in or add it to your question please.

      – Radhil
      Dec 1 '15 at 23:33





















    • That commands were what I found somewhere on the internet. I never changed some iptables settings. What do I have to set up on the eth0 side?

      – wb9688
      Dec 1 '15 at 18:48











    • @wb9688 - A different local network than what the wlan0 side has, so that the Pi can tell the two apart, should be all that's needed. Your laptop should have a different IP on the same network, and have a gateway that is the Pi's address. The nat table with the MASQ target should prevent you from needing more. Details would depend on the IPs that are assigned (or in wlans case, obtained from whatever access point) now, on both sides of the Pi and the laptop, So comment that in or add it to your question please.

      – Radhil
      Dec 1 '15 at 23:33



















    That commands were what I found somewhere on the internet. I never changed some iptables settings. What do I have to set up on the eth0 side?

    – wb9688
    Dec 1 '15 at 18:48





    That commands were what I found somewhere on the internet. I never changed some iptables settings. What do I have to set up on the eth0 side?

    – wb9688
    Dec 1 '15 at 18:48













    @wb9688 - A different local network than what the wlan0 side has, so that the Pi can tell the two apart, should be all that's needed. Your laptop should have a different IP on the same network, and have a gateway that is the Pi's address. The nat table with the MASQ target should prevent you from needing more. Details would depend on the IPs that are assigned (or in wlans case, obtained from whatever access point) now, on both sides of the Pi and the laptop, So comment that in or add it to your question please.

    – Radhil
    Dec 1 '15 at 23:33







    @wb9688 - A different local network than what the wlan0 side has, so that the Pi can tell the two apart, should be all that's needed. Your laptop should have a different IP on the same network, and have a gateway that is the Pi's address. The nat table with the MASQ target should prevent you from needing more. Details would depend on the IPs that are assigned (or in wlans case, obtained from whatever access point) now, on both sides of the Pi and the laptop, So comment that in or add it to your question please.

    – Radhil
    Dec 1 '15 at 23:33















    0














    At least shown commands look correct. If this isn't a complete firewall configuration you've using on Raspberry Pi, i.e. if you have have other rules or have changed default forwarding policy (it is ACCEPT by default, changed with iptables -P), you also probably need to enable reply traffic, by adding state match:



    iptables -I FORWARD 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT


    This will enable connection tracker to detect reply packets as belonging to the same connection originated on the inside interface and accept them.



    I cant't remember for sure, if Raspberry Pi kernel hasn't enabled conntrack match, you have to use (old, deprecated) state extension instead:



    iptables -I FORWARD 1 -m state --state ESTABLISHED,RELATED -j ACCEPT


    You have to enter only one of these. I prefer to adding this as first rule in the chain.



    The eth0 interface on Raspberry Pi and your computer behind it should have addresses from another network. For example, you can use 192.168.10.1/24 (or /255.255.255.0 which is the same) on RasPi and 192.168.10.2 on target host.



    On the target host you set eth0 address of RasPi (192.168.10.1 in previous example) as the default gateway, and DNS servers to the same as set on your RasPi. You can inspect which servers RasPi uses by issuing on it: cat /etc/resolv.conf, and look to 'nameserver' entries. Or you can just set up google public DNS (8.8.8.8, 8.8.4.4).






    share|improve this answer




























      0














      At least shown commands look correct. If this isn't a complete firewall configuration you've using on Raspberry Pi, i.e. if you have have other rules or have changed default forwarding policy (it is ACCEPT by default, changed with iptables -P), you also probably need to enable reply traffic, by adding state match:



      iptables -I FORWARD 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT


      This will enable connection tracker to detect reply packets as belonging to the same connection originated on the inside interface and accept them.



      I cant't remember for sure, if Raspberry Pi kernel hasn't enabled conntrack match, you have to use (old, deprecated) state extension instead:



      iptables -I FORWARD 1 -m state --state ESTABLISHED,RELATED -j ACCEPT


      You have to enter only one of these. I prefer to adding this as first rule in the chain.



      The eth0 interface on Raspberry Pi and your computer behind it should have addresses from another network. For example, you can use 192.168.10.1/24 (or /255.255.255.0 which is the same) on RasPi and 192.168.10.2 on target host.



      On the target host you set eth0 address of RasPi (192.168.10.1 in previous example) as the default gateway, and DNS servers to the same as set on your RasPi. You can inspect which servers RasPi uses by issuing on it: cat /etc/resolv.conf, and look to 'nameserver' entries. Or you can just set up google public DNS (8.8.8.8, 8.8.4.4).






      share|improve this answer


























        0












        0








        0







        At least shown commands look correct. If this isn't a complete firewall configuration you've using on Raspberry Pi, i.e. if you have have other rules or have changed default forwarding policy (it is ACCEPT by default, changed with iptables -P), you also probably need to enable reply traffic, by adding state match:



        iptables -I FORWARD 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT


        This will enable connection tracker to detect reply packets as belonging to the same connection originated on the inside interface and accept them.



        I cant't remember for sure, if Raspberry Pi kernel hasn't enabled conntrack match, you have to use (old, deprecated) state extension instead:



        iptables -I FORWARD 1 -m state --state ESTABLISHED,RELATED -j ACCEPT


        You have to enter only one of these. I prefer to adding this as first rule in the chain.



        The eth0 interface on Raspberry Pi and your computer behind it should have addresses from another network. For example, you can use 192.168.10.1/24 (or /255.255.255.0 which is the same) on RasPi and 192.168.10.2 on target host.



        On the target host you set eth0 address of RasPi (192.168.10.1 in previous example) as the default gateway, and DNS servers to the same as set on your RasPi. You can inspect which servers RasPi uses by issuing on it: cat /etc/resolv.conf, and look to 'nameserver' entries. Or you can just set up google public DNS (8.8.8.8, 8.8.4.4).






        share|improve this answer













        At least shown commands look correct. If this isn't a complete firewall configuration you've using on Raspberry Pi, i.e. if you have have other rules or have changed default forwarding policy (it is ACCEPT by default, changed with iptables -P), you also probably need to enable reply traffic, by adding state match:



        iptables -I FORWARD 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT


        This will enable connection tracker to detect reply packets as belonging to the same connection originated on the inside interface and accept them.



        I cant't remember for sure, if Raspberry Pi kernel hasn't enabled conntrack match, you have to use (old, deprecated) state extension instead:



        iptables -I FORWARD 1 -m state --state ESTABLISHED,RELATED -j ACCEPT


        You have to enter only one of these. I prefer to adding this as first rule in the chain.



        The eth0 interface on Raspberry Pi and your computer behind it should have addresses from another network. For example, you can use 192.168.10.1/24 (or /255.255.255.0 which is the same) on RasPi and 192.168.10.2 on target host.



        On the target host you set eth0 address of RasPi (192.168.10.1 in previous example) as the default gateway, and DNS servers to the same as set on your RasPi. You can inspect which servers RasPi uses by issuing on it: cat /etc/resolv.conf, and look to 'nameserver' entries. Or you can just set up google public DNS (8.8.8.8, 8.8.4.4).







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Dec 2 '15 at 8:42









        Nikita KipriyanovNikita Kipriyanov

        30829




        30829






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1006468%2fhow-do-i-forward-eth0-to-wlan0%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Probability when a professor distributes a quiz and homework assignment to a class of n students.

            Aardman Animations

            Are they similar matrix