使用 iptables 从两个不同的连接共享互联网连接
sharing internet connection from two different connections with iptables
我写了一个 c++ 代码来从 wlan0 或 eth1 与 eth0 共享互联网,代码工作正常。
与 eth0 共享 eth1 的代码:
cmd = "systemctl stop networking";
system(cmd.c_str());
cmd = "iptables -A FORWARD -o eth1 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT";
system(cmd.c_str());
cmd = "ptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT";
system(cmd.c_str());
cmd = "iptables -t nat -F POSTROUTING";
system(cmd.c_str());
cmd = "iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE";
system(cmd.c_str());
cmd = "iptables-save | tee /etc/iptables.sav";
system(cmd.c_str());
cmd = "iptables-restore < /etc/iptables.sav";
system(cmd.c_str());
cmd = "sysctl net.ipv4.ip_forward=1";
system(cmd.c_str());
cmd = "ip route add default via 192.168.2.230";
system(cmd.c_str());
cmd = "/etc/init.d/networking restart";
system(cmd.c_str());
与 eth0 共享 wlan0 的代码:
cmd = "systemctl stop networking";
system(cmd.c_str());
cmd = "iptables -A FORWARD -o wlan0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT";
system(cmd.c_str());
cmd = "ptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT";
system(cmd.c_str());
cmd = "iptables -t nat -F POSTROUTING";
system(cmd.c_str());
cmd = "iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE";
system(cmd.c_str());
cmd = "iptables-save | tee /etc/iptables.sav";
system(cmd.c_str());
cmd = "iptables-restore < /etc/iptables.sav";
system(cmd.c_str());
cmd = "sysctl net.ipv4.ip_forward=1";
system(cmd.c_str());
cmd = "ip route add default via 192.168.2.230";
system(cmd.c_str());
cmd = "/etc/init.d/networking restart";
system(cmd.c_str());
如果我使用其中一个代码,我的连接将成功与 eth0 共享,但现在在某些情况下我需要在 wlan0 和 eth1 之间切换,如果我尝试在 运行 中再次使用这些代码应用程序我收到连接错误我看到的错误:
Error: Connection activation failed: (5) IP configuration could not be reserved (no available address, timeout, etc.).
Error in connecting 113 - No route to host
似乎我不能在应用程序中使用代码两次,而它是 运行,所以我做错了什么,我应该如何正确地进行这些配置?
嗯,我已经找到解决办法了,首先我有一张 SIMCARD 和一个 WIFI 连接,SIMCARD 连接是 ppp0 而不是 eth1,我的第一个错误...
第二个问题是当我连接 WIFI 时 ppp0 无法 ping 任何目的地并且无法连接到互联网,所以我需要在共享我的 ppp0 之前使用“nmcli r wifi off”命令关闭 WIFI与 eth0 的连接。
所以最后的代码是:
共享 wlan0 的代码:
iptables -A FORWARD -o wlan0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
iptables-save | tee /etc/iptables.sav
iptables-restore < /etc/iptables.sav
sysctl net.ipv4.ip_forward=1
ip route add default via 192.168.2.230
/etc/init.d/networking restart
用于清除 wlan0 共享和路由设置的代码:
iptables -D FORWARD -o wlan0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -D FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -F POSTROUTING
iptables-save | tee /etc/iptables.sav
iptables-restore < /etc/iptables.sav
sysctl net.ipv4.ip_forward=0
ip route del 192.168.2.0/24
/etc/init.d/networking restart
共享 ppp0 的代码:
nmcli r wifi off
iptables -A FORWARD -o ppp0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables-save | tee /etc/iptables.sav
iptables-restore < /etc/iptables.sav
sysctl net.ipv4.ip_forward=1
ip route add default via 192.168.2.230
/etc/init.d/networking restart
用于清除 ppp0 共享和路由设置的代码:
iptables -D FORWARD -o ppp0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -D FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -F POSTROUTING
iptables-save | tee /etc/iptables.sav
iptables-restore < /etc/iptables.sav
sysctl net.ipv4.ip_forward=0
ip route del 192.168.2.0/24
/etc/init.d/networking restart
我写了一个 c++ 代码来从 wlan0 或 eth1 与 eth0 共享互联网,代码工作正常。
与 eth0 共享 eth1 的代码:
cmd = "systemctl stop networking";
system(cmd.c_str());
cmd = "iptables -A FORWARD -o eth1 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT";
system(cmd.c_str());
cmd = "ptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT";
system(cmd.c_str());
cmd = "iptables -t nat -F POSTROUTING";
system(cmd.c_str());
cmd = "iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE";
system(cmd.c_str());
cmd = "iptables-save | tee /etc/iptables.sav";
system(cmd.c_str());
cmd = "iptables-restore < /etc/iptables.sav";
system(cmd.c_str());
cmd = "sysctl net.ipv4.ip_forward=1";
system(cmd.c_str());
cmd = "ip route add default via 192.168.2.230";
system(cmd.c_str());
cmd = "/etc/init.d/networking restart";
system(cmd.c_str());
与 eth0 共享 wlan0 的代码:
cmd = "systemctl stop networking";
system(cmd.c_str());
cmd = "iptables -A FORWARD -o wlan0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT";
system(cmd.c_str());
cmd = "ptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT";
system(cmd.c_str());
cmd = "iptables -t nat -F POSTROUTING";
system(cmd.c_str());
cmd = "iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE";
system(cmd.c_str());
cmd = "iptables-save | tee /etc/iptables.sav";
system(cmd.c_str());
cmd = "iptables-restore < /etc/iptables.sav";
system(cmd.c_str());
cmd = "sysctl net.ipv4.ip_forward=1";
system(cmd.c_str());
cmd = "ip route add default via 192.168.2.230";
system(cmd.c_str());
cmd = "/etc/init.d/networking restart";
system(cmd.c_str());
如果我使用其中一个代码,我的连接将成功与 eth0 共享,但现在在某些情况下我需要在 wlan0 和 eth1 之间切换,如果我尝试在 运行 中再次使用这些代码应用程序我收到连接错误我看到的错误:
Error: Connection activation failed: (5) IP configuration could not be reserved (no available address, timeout, etc.).
Error in connecting 113 - No route to host
似乎我不能在应用程序中使用代码两次,而它是 运行,所以我做错了什么,我应该如何正确地进行这些配置?
嗯,我已经找到解决办法了,首先我有一张 SIMCARD 和一个 WIFI 连接,SIMCARD 连接是 ppp0 而不是 eth1,我的第一个错误...
第二个问题是当我连接 WIFI 时 ppp0 无法 ping 任何目的地并且无法连接到互联网,所以我需要在共享我的 ppp0 之前使用“nmcli r wifi off”命令关闭 WIFI与 eth0 的连接。
所以最后的代码是:
共享 wlan0 的代码:
iptables -A FORWARD -o wlan0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
iptables-save | tee /etc/iptables.sav
iptables-restore < /etc/iptables.sav
sysctl net.ipv4.ip_forward=1
ip route add default via 192.168.2.230
/etc/init.d/networking restart
用于清除 wlan0 共享和路由设置的代码:
iptables -D FORWARD -o wlan0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -D FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -F POSTROUTING
iptables-save | tee /etc/iptables.sav
iptables-restore < /etc/iptables.sav
sysctl net.ipv4.ip_forward=0
ip route del 192.168.2.0/24
/etc/init.d/networking restart
共享 ppp0 的代码:
nmcli r wifi off
iptables -A FORWARD -o ppp0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables-save | tee /etc/iptables.sav
iptables-restore < /etc/iptables.sav
sysctl net.ipv4.ip_forward=1
ip route add default via 192.168.2.230
/etc/init.d/networking restart
用于清除 ppp0 共享和路由设置的代码:
iptables -D FORWARD -o ppp0 -i eth0 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -D FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -F POSTROUTING
iptables-save | tee /etc/iptables.sav
iptables-restore < /etc/iptables.sav
sysctl net.ipv4.ip_forward=0
ip route del 192.168.2.0/24
/etc/init.d/networking restart