Jumat, 18 November 2011


On This discussion will be discussed on how to create a Gateway / PC Router using Ubuntu server. In this discussion it is assumed ubuntu has been installed.

There are two connection sharing function that applies in this case, that are:

1. The function in which the client / workstation in the LAN able to access the servers on the Internet.

2. Function is to allow the servers that we have in the LAN to be accessible and / or serving clients / workstations that exist elsewhere via a single Internet connection that we have.

Here are steps to share the internet connection using ubuntu server:

1. Make sure you have done setting the static IP address for both ethernet card.
In this example the first ethernet card (eth0) ethernet card is connected to the internet with public IP Address, IP Address and the second (eth1) is an ethernet card connected to a local network (LAN) with IP address

2. Install DNS Server

3. Install the iptables package:
$ sudo apt-get install iptables

4. Turn on IP Forwarding on the server function is:
$ sudo sysctl-w net.ipv4.conf.default.forwarding=1

5. net.ipv4.conf.default.forwarding=1

6. Edit the file / etc / sysctl.conf
$ sudo nano / etc / sysctl.conf

7. Uncomment (remove the #) the following line:
# net.ipv4.conf.default.forwarding = 1

8. Save, then type the following command:
$ Sudo / sbin / sysctl-p


To connect the LAN it is necessary to make the IP Masquerading

IP masquerading translates sources and destination address in the header of network packets. In this example ROUTER translate all network packets from different IP address in LAN (192.168.2 .*) so that the package appeared on the internet with IP Address ROUTER remember all the network packets and then the network
packet from the Internet (in response to local packages earlier) are amended and passed to the client's home.

Router system consists of four iptables commands.

The first command is forwarding packets from the Internet to the LAN (-A FORWARD).

$ Sudo iptables-A FORWARD-i eth0-o eth1-m state-state ESTABLISHED, RELATED-j ACCEPT

If this command is met with a packet in the network means:
Packet is received on eth0 (derived from the Internet):-i eth0
Packages sent to eth1 (go to LAN):-o eth1
The package was returned to the previously existing connections: - state ESTABLISHED, RELATED.
Furthermore, the kernel receives (-j ACCEPT) packets that met all three criteria. If there are network packets that come from the internet that do not meet these criteria then it will not be accepted.

Second command is still continuing, but with the opposite rule:

$ Sudo iptables-A FORWARD-i eth1-o eth0-j ACCEPT

If this command is met with the packet network means:
Received on eth1 (coming from the LAN):-i eth1.
Packages should be sent to eth0 (sent to the Internet):-o eth0.
The kernel receives a packet that meets the two criteria above, the package comes from the LAN and forwarded to the internet.

The third command is to record all incoming packets from the internet.

$ Sudo iptables-A FORWARD-j LOG

The fourth command is POST ROUTING. In this case only packets generated new connections are passed to table the NAT (Network Address Translation). Once a connection has been made
​​for MASQUERADE, then the packet headers of the resulting connection (ESTABLISHED) amended, and the packets corresponding to the package of origin (RELATED) is amended in the same way as changing the original package. In this way the packet is a response from the original packet header modified and adapted so that the package is up to the requesting client (here the example IP Address 192.168.2 .*). The command:

$ Sudo iptables-t NAT-A POSTROUTING-o eth0-j MASQUERADE

If this command is met with a package should:

Generate a connection (if it can not make the connection sebuh will not be entered into the NAT table).
Sent to eth0 (out to the internet):-o eth0.

The kernel will then disguise (MASQUERADE) all the packages found both of these criteria, in other words all the packets originating from a local client changed IP address in the package (192.168.2 .*) to, and all the response packets from the internet changed too destination to the IP address of origin.

Here are four commands above:

$ Sudo iptables-A FORWARD-i eth0-o eth1-m state-state ESTABLISHED, RELATED-j ACCEPT
$ Sudo iptables-A FORWARD-i eth1-o eth0-j ACCEPT
$ Sudo iptables-A FORWARD-j LOG
$ Sudo iptables-t NAT-A POSTROUTING-o eth0-j MASQUERADE

If you want to limit the computers (clients) connected to the internet then the fourth order can be created like this:

$ Sudo iptables-t NAT-A POSTROUTING-o eth0-j MASQUERADE-s

Connecting Several Servers to One Connection Internet
DNAT (destination NAT) allows the client on the internet to send packets into the network servers located on the LAN. In this example of an SMTP mail server on and Apache (Web) server at Both are using the TCP protocol. SMTP uses port 25 and Apache using port 80. Both of these routing using the command PREROUTING (-A PREROUTING-t NAT):

$ Sudo iptables-A PREROUTING-t NAT-p tcp-dport 25-to-source DNAT
$ Sudo iptables-A PREROUTING-t NAT-p tcp-dport 80-to-source DNAT

In order for this command runs automatically when the computer is turned on then all of the above command should be stored in the file / etc / rc.local

6 komentar:

toko baju muslim mengatakan...

This is a great posting I have read. I like your article. Thank you

Toko Obat Herbal mengatakan...

i never success to make a PC router :(
its very confused :(

widhi online mengatakan...

bentar saya translate dulu kang...
kalau ijin copas bisa gak?
kabarin kalau boleh ya :)

Obat Hiv Aids Tradisional mengatakan...

go to translate dulu yah gan !!

obat herbal demam berdarah mengatakan...

Perlu kita ketahui bahwa obat herbal Ace Max mampu mengobati berbagai macam penyakit diantaranya;kanker,jantung,struk Hiv Aids Dll.

obat herbal demam berdarah mengatakan...

Semua penyakit bisa disembuhkan Ace Max lah solusinya.

Posting Komentar

leave a comment please !
just comment, doesn't spam.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | coupon codes