Networking

iptables

sharing an internet connection

eth0: connected to internet

wlan0: local WLAN

# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# iptables -A INPUT -i wlan0 -j ACCEPT
# echo 1 > /proc/sys/net/ipv4/ip_forward

Full NAT

# iptables -t nat -A POSTROUTING -j MASQUERADE

MAC Address Filtering

Filter (Used with FORWARD here) all incoming traffic from wlan0 and outgoing to eth0 except the specified MAC address (can add more MACs using the same command)

# iptables -P FORWARD DROP
# iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# iptables -A FORWARD -i wlan0 -o eth0 -m mac --mac-source xx:xx:xx:xx:xx:xx -m state --state NEW -j ACCEPT

Back to top