1. If you are running a recent 2.6 Linux kernel, this four-step process should work for you. You must be root to enter these commands. First, tell the kernel that you want to allow IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
2. Then configure iptables to forward packets from your internal network to your external network. The exact commands depend on which interface cards you use for your internal subnet and your external network. This example uses eth0 as external and eth1 as internal.
Enter the following commands:
# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# /sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
# /sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
3. When this is done, you can test it by pinging an external address from one of your internal machines or by doing an nslookup on an external domain name. If everything is working, save the configuration so that it loads automatically after a system reboot. Edit /etc/sysctl.conf and change the line that says net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1.
4. The last step is to save the iptables rules entered earlier to the firewall script. On a Fedora system this is usually the file iptables in /etc/sysconfig. To do this, enter iptables-save > /etc/sysconfig/iptables. When this is done, edit /etc/sysconfig/iptables-config and make sure IPTABLES_MODULES_UNLOAD, IPTABLES_SAVE_ON_STOP, and IPTABLES_SAVE_ON_RESTART are all set to 'yes'.
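One way to check the ruleset from steps 2 and 4 before relying on it, as an added example that is not part of the original post: the function names, finding messages and sample rulesets are constructed for illustration. It goes slightly beyond the post by also flagging a FORWARD chain that accepts traffic matching no rule.

```shell
#!/bin/sh
# Added example: audit iptables-save output for the rules entered in step 2.
# Interfaces are arguments; the article uses eth0 (external) and eth1 (internal).

# audit_forwarding EXT INT: reads iptables-save text on stdin, prints one
# finding per line, returns 0 only when there are none. Rule order is not checked.
audit_forwarding() {
    ext=$1 int=$2 rc=0
    rules=$(cat)
    has() { printf '%s\n' "$rules" | grep -Eq -- "$1"; }

    has "^-A POSTROUTING .*-o $ext .*-j MASQUERADE" ||
        { echo "MISSING: MASQUERADE on $ext"; rc=1; }
    has "^-A FORWARD -i $int -o $ext .*-j ACCEPT" ||
        { echo "MISSING: $int -> $ext ACCEPT"; rc=1; }
    has "^-A FORWARD -i $ext -o $int .*--(ct)?state RELATED,ESTABLISHED -j ACCEPT" ||
        { echo "MISSING: $ext -> $int RELATED,ESTABLISHED ACCEPT"; rc=1; }

    # An inbound ACCEPT without a state match admits new connections to the LAN.
    if printf '%s\n' "$rules" |
        grep -E -- "^-A FORWARD -i $ext -o $int .*-j ACCEPT" |
        grep -qv -- 'state '; then
        echo "WARN: stateless $ext -> $int ACCEPT"; rc=1
    fi
    # Policy ACCEPT with no catch-all DROP/REJECT: the ACCEPT rules filter nothing.
    if has '^:FORWARD ACCEPT' && ! has '^-A FORWARD -j (DROP|REJECT)'; then
        echo "WARN: FORWARD chain accepts unmatched traffic"; rc=1
    fi
    return "$rc"
}

# Constructed sample ruleset: $1 = FORWARD policy, $2 = match on the inbound rule.
sample_ruleset() { cat <<EOF
*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD $1 [0:0]
-A FORWARD -i eth0 -o eth1 $2-j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
EOF
}

sample_ruleset DROP '-m state --state RELATED,ESTABLISHED ' |
    audit_forwarding eth0 eth1 && echo "article rules, policy DROP: clean"
sample_ruleset ACCEPT '' | audit_forwarding eth0 eth1 || echo "findings listed above"
```

On the gateway itself, run `iptables-save | audit_forwarding eth0 eth1` as root after step 4.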