[ltp] Ad-hoc 802.11b internet access

Tod Harter linux-thinkpad@linux-thinkpad.org
Thu, 12 Jun 2003 19:28:18 -0400 

You just need a very simple NAT setup. 

============cut here==============
*filter
:INPUT ACCEPT [42808052:3210082383]
:FORWARD ACCEPT [4897778:4703660987]
:OUTPUT ACCEPT [60025532:12222956037]
-A FORWARD -i eth1 -j ACCEPT
COMMIT
# Completed on Sat Jan 25 15:21:43 2003
# Generated by iptables-save v1.2.5 on Sat Jan 25 15:21:43 2003
*nat
:PREROUTING ACCEPT [254366:34036101]
:POSTROUTING ACCEPT [108509:9916167]
:OUTPUT ACCEPT [127368:12416225]
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Sat Jan 25 15:21:43 2003
=============cut here =============

run that through iptables-restore and you SHOULD be all set...

Other things to check are that routing is enabled, most systems disable it by 
default. Your existing default route should be all you need.

Take care with security with this type of setup. Basically you're creating a 
nice wireless access point for anyone and his brother to get on the net 
and/or your LAN. 802.11b is not real secure, but I doubt there is much you 
can do with the PDA end of things, I doubt it supports PPPoE or IPSEC. You 
could create an IPTABLES rule that only lets the MAC address of the PDA 
forward packets. Check out the iptables HOW-TO, it will give you some good 
ideas to work from. 

On Wednesday 11 June 2003 08:48 am, Bret Comstock Waldow wrote:
> I've got a Thinkpad attached to a gateway/router attached to a cable
> modem via the built-in NIC, which is eth0.  I get my net parameters via
> DHCP.
>
> I've got a 3Com AirConnect PCMCIA card, which is recognized (often, but
> not always, if that's a clue about some timeout thing) as eth1, and
> assigned a static IP.  I'm not sure what gateway it's supposed to be.
>
> I've got a PDA with a wireless interface, which seems to connect to the
> eth1 interface - I can ping the PDA from the Thinkpad successfully.
>
> I want to get access to the internet from the PDA.  I've been reading
> some on the net - but the sources are mixed, of mixed antiquity, and I
> don't know enough to discern what to listen to, whose configuration file
> surgery to attempt, etc.  I don't just want to thrash around, but
> there's too much out there I don't know the relevance of to want to try
> to chew through it all.  Some talk about distros and boot-up sequences I
> don't have, and there are other differences I can't evaluate.
>
> Has anyone done something like this?  It's called "Internet Connection
> Sharing" on Windows.  Some sources call it NAT, some invoke ipmasq, or
> masquerading.
>
> I don't have an 802.11b gateway/router, it has to go by the pathway
> listed above.
>
> I run Debian Woody/stable, with some backports of packages like
> OpenOffice.org, sane 1.0.11, etc.  Kernel is 2.4.18.  Internet access
> from the Thinkpad is working fine.
>
> Just knowing what to bother with and what to ignore would be helpful,
> even if no one wants to hold my hand for this one.  What are relevant,
> up to date HowTo sources?
>
> Thanks for any help cutting through the cruft.
>
> Cheers,
> Bret
>
> --
> Bret Comstock Waldow <bwaldow@alum.mit.edu>

-- 
Tod Harter
Giant Electronic Brain
http://www.giantelectronicbrain.com