I have a home network on two computers. The first one (with linux mint 17.2 64 bit) is the one that is connected to the Internet via cable, and from it comes the cable to the second (with windows).

Network cards have been determined, the Internet is there, and there is a network too, but I cannot distribute the Internet. On a computer with windows, it says "without access to the Internet," although it writes on Linux that there is a connection.

How do I distribute the Internet on both computers?

    2 answers 2

    a copy of my answer to the identical in essence, but a different question:

    if on the computers in the subnet the default gateway indicates the use of the server you are configuring, then it is sufficient:

    • Allow packet transfer between interfaces on this server:

      $ echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

      in order for this setting to be applied even after a reboot, uncomment (or add, if not) the line in /etc/sysctl.conf :

       net.ipv4.ip_forward=1
    • check that these packets are not distorted or blocked by netfilter (see the output of $ sudo iptables-save ).

    • add a netfiler rule for replacing the sender's address for packets arriving from the “internal” interface and going to the external interface:

       $ sudo iptables -t nat -A POSTROUTING -o внешний_интерфейс -j MASQUERADE

    if, on these computers, the default gateway is another machine (or no one is specified at all), then, in addition to allowing the transfer of packets between interfaces, you will have to “distort” these packets.

    at a minimum, a source address must be substituted for packets arriving at the “external” interface and addressed to computers on the subnet, as well as a reverse substitution of the destination address for return packets.

    Both of these actions can be performed by a netfilter directive called snat ( source nat ). An example of its addition using the iptables program:

     $ sudo iptables -t nat -A POSTROUTING -o внутренний_интерфейс -j SNAT --to-source ip-адрес

    where ip-адрес is the address assigned to the “internal” interface.

    In order not to enter one or two commands mentioned above ( iptables ... ) after each restart of the configured server, you can add them, for example, at the end of the /etc/rc.local file, but before the line exit 0 , which is usually present there (if not, just add to the end of the file). the addition of sudo , of course, is not needed in this file.

    • one
      Thanks, your answer partially helped. Those. "on paper" the Internet seems to be picked up. And on a computer with windows in the connection itself it is written that the Internet is connected. But he is not there, i.e. The browser and other programs on the Internet cannot get out. Only the torrent works - Evgeny Starostin
    • Probably, names do not rezolvitsya on clients. point the clients to a working nameserver. for example, provider, or some public: ru.stackoverflow.com/a/554664/178576 - aleksandr barakin
    • yes, I corrected this file like this nameserver 127.0.1.1 nameserver 192.168.137.1 nameserver 8.8.8.8 nameserver 8.8.4.4 nameserver 4.2.2.2 but it did not help - Evgeny Starostin
    • I stressed - on clients , not on the server. - aleksandr barakin
    • here it is not recommended to write an empty comment, but still thank you very much. Very helpful - Evgeny Starostin

    You need to make an Internet gateway.

    For example: On a Linux machine

     sudo echo 1 > /proc/sys/net/ipv4/ip_forward sudo iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE

    192.168.1.0/24 - home sit down.

    In windows, in the properties of the TCP / IP4 protocol, it is written in the first line of the IP home subnet, for example, 192.168.0.2, in the second subnet mask, for example, 255.255.255.0, the default gateway is 192.168.0.1

    • sudo echo 1 > /proc/sys/net/ipv4/ip_forward - please check before offering any non-working commands. - aleksandr barakin