Checklist:
Setup interfaces
Setup dhcp server
Enable routing
Setup iptables script
Setup service to start iptable script on startup.
Install DHCP server
apt install isc-dhcp-server
/etc/dhcp/dhcpd.conf
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
allow booting;
allow bootp;
subnet 192.168.52.0 netmask 255.255.255.0 {
range 192.168.52.10 192.168.52.30;
option broadcast-address 192.168.52.255;
option routers 192.168.52.1;
option domain-name-servers 8.8.8.8;
filename "pxelinux.0";
next-Server 192.168.52.1;
}
Start service and enable at boot
systemctl start isc-dhcp-server6.service systemctl enable isc-dhcp-server6.service
Test by typing
sudo netstat -uap
/etc/sysctl.conf
net.ipv4.ip_forward = 1 net.ipv4.conf.default.rp_filter = 1
Restart to take affect.
sudo systemctl restart systemd-sysctl.service
Creating iptable script
/etc/myiptable.sh
#!/bin/bash iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT iptables -I INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -i wlan0 -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT iptables -I FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 192.168.0.0/24 -i wlan0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
chmod a+x /etc/myiptable.sh
Create service to start script on bootup:
/etc/systemd/system/mynetwork.service
[Unit] Description= Internet sharing script to enp17s After=network.target [Service] Type=forking User=root ExecStart=/etc/myiptable.sh [Install] WantedBy=multi-user.target