CentOS / Redhat Linux Internet Connection Sharing

Q. How do I configure CentOS / Redhat Linux computer to share my internet connection? How do I configure RHEL as a software router with two interfaces? How do I share my single connection with other PCs on LAN?

A. Linux can be easily configured to share an internet connection using iptables. Al you need to two network interface cards as follows:
a) Your internal (LAN) network connected via eth0 with static ip address
b) Your external WAN) network is connected via eth1 with static ip address

Please note that interface eth1 may have public IP address or IP assigned by ISP. eth1 may be connected to a dedicated DSL / ADSL / WAN / Cable router.

Step # 1: Enable Packet Forwarding

Login as the root user. Open /etc/sysctl.conf file
# vi /etc/sysctl.conf
Add the following line to enable packet forwarding for IPv4:
Save and close the file. Restart networking:
# service network restart

Step # 2: Enable IP masquerading

In Linux networking, Network Address Translation (NAT) or Network Masquerading (IP Masquerading) is a technique of transceiving network traffic through a router that involves re-writing the source and/or destination IP addresses and usually also the TCP/UDP port numbers of IP packets as they pass through. In short, IP masquerading is used to share the internet connection.

Share internet connection

To share network connection via eth1, enter the following rule at command prompt (following useful for ppp0 or dial up connection):
# service iptables stop
# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# service iptables save
# service iptables restart

Open your Windows / Mac / Linux computer networking GUI tool and point router IP to (eth0 Linux IP). You also need to setup DNS IP such as and You should now able to ping or browse the internet:
c:> ping
c:> ping google.com

Shell Script to Setup Basic Linux Network Sharing

This is basic connection sharing, following shell script is for more advance user. [ Download the script here and modify SHARE_IF as per your requirements. ]

# Created by nixCraft - www.cyberciti.biz

# set wan interface such as eth1 or ppp0

# clean old fw
echo "Clearing old firewall rules..."
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT

# Get some kernel modules
echo "Loading kernel modules..."
$MOD ip_tables
$MOD iptable_filter
$MOD iptable_nat
$MOD ip_conntrack
$MOD ip_nat_ftp
$MOD ip_nat_irc
$MOD ip_conntrack_ftp
$MOD ip_conntrack_irc

# Clean old rules if any, rhel specific but above will take care of everything
# service iptables stop

# unlimited traffic via loopback device

echo "Setting ${SHARE_IF} as router interface..."
$IPT --table nat --append POSTROUTING --out-interface ${SHARE_IF} -j MASQUERADE

# Start other custom rules
# End other custom rules

echo "*** Instructions on TCP/IP On The Windows / Mac / Linux Masqueraded Client ***"
echo "1. Login to your other LAN desktop computers"
echo "2. Open network configuration GUI tool such. Under Windows XP - Click Start, click Control Panel, click Network and Internet Connections, and then click Network Connections"
echo "3. Set DNS (NS1 and NS2) to and"
echo "4. Select the 'Gateway' tab in the TCP/IP properties dialog."
echo "5. Enter $(ifconfig ${SHARE_IF} | grep 'inet addr:'| grep -v '' | cut -d: -f2 | awk '{ print $1}') as the default gateway."

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 19 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
19 comments… add one
  • Anas Feb 2, 2008 @ 15:14

    Dear friend,

    could i find access.log in Internet Sharing
    CentOS / Redhat Linux Internet Connection Sharing

  • anand Jun 3, 2008 @ 9:49

    thank you for the tutorial. Saved my day :)

  • gilq Jun 24, 2008 @ 10:05

    Thanks for the tutorial. Tried the advanced version, went ok for few minutes then connection timed out. Appreciate any feedback.

  • Pallav Jul 3, 2008 @ 11:36


  • denish Dec 19, 2008 @ 10:58

    i have problem to share the internet through RedHat linux plz solve my problem

  • vadi01 Jun 7, 2009 @ 21:15

    Good one. But unfortunately there is no way of controlling the users who use the connection via the server.

    I advice you use try out traffpro. A open-source monitor and security system. Allows you to have a more easier way of setting up internet sharing.

  • sarfaraz Aug 27, 2009 @ 12:40

    thank you very useful command

  • rahul khandelwal Oct 20, 2009 @ 8:58

    Great job !!!
    thanks a lot !!!!
    After Getting your solution , hardly it took 2 seconds to work out .

    THANKS a lot!!!!!

  • Indiana Sep 4, 2010 @ 19:23

    I recently purchased a sony bluray player and wanted to connect it to the internet through an old dell wireless G laptop that is no longer being actively used. The setup was
    BluRay(Ethernet port) -> Dell Laptop (Ethernet Port) -> Dell Laptop (Wireless G card) -> Wireless G Router (Integrated ADSL modem/wireless AP/router) -> Internet.
    Tried this tutorial but could not get my setup working. I disconnected my bluray and hooked up an apple macbook to the dell laptop for testing. I was able to ping the dell ethernet port (eth 0 @ and the dell wireless card (eth1 @ The wireless network is setup to obtain an IP address using DHCP from my wireless router. I was almost ready to give up when I found a different website with a tutorial. The only additional command that seemed to get my connection to work is:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    After executing this command, my apple macbook and the bluray were able to connect to the internet just fine.
    I can’t figure why the additional command is required and why it’s missing from the script. Oh, and I also had to manually setup the ethernet card address like so:
    ifconfig eth0
    I hope this helps someone!

    • pramod Feb 18, 2013 @ 6:28

      first have to configure smb.config file to configure your network.
      then u can see all connected systems which are connected to your network.
      and up your ethernet port and give ip
      configure other ip adderss in your network.

  • Joe Nov 8, 2010 @ 4:07

    It all works
    But, all the settings disappear if network is restarted.

    How to make changes persistent?

  • SIFE Jan 1, 2011 @ 13:16

    I have issue with that in VirtualBox, I have lab in VirtualBox like this:
    VBOX ( CentOS(2 nic’s, eth0 -> NAT and eth1 -> internal), 3 client’s)
    eth0: have dynamic IP, eth1 have static IP, CentOS can access to internet but other client can’t, I setup in them default gateway and static IP but it doesn’t work.

  • Gurpreet Singh Feb 21, 2011 @ 7:01

    its working thanks a lot…………….

  • vijay jadon Jul 20, 2011 @ 10:18

    i am new to red hat and i am not able to make any wireless connection. so plz provide a solution ???

  • khimanand Nov 28, 2011 @ 4:39

    thanks, this solution helps me

  • KS Ghosh Jan 30, 2012 @ 10:37

    Thanks a Lot.. Its work fine…. Now I want to stop the LAN user for accessing Bit torrent , mp3 download and other bandwidth consuming process. Will you please guide me.

  • Jouni "Rautamiekka" Järvinen Sep 12, 2012 @ 13:33

    The script uses
    1) hardcoded paths to programs where the §`which iptables`§ would be better.
    2) direct calls to iptables instead of the hardcoded.

    I had a 3rd point but forgot it.

  • luis Sep 29, 2013 @ 6:37

    Can someone please tell me how I can share my wireless internet connection via my ethernet connection to another computer? Here is my scenario: Computer 1 is connected to internet via Wireless. I want to share that wireless internet connection to computer 2 via ethernet. I don’t want to use static IP’s, I want computer 2 to be able to pick up an IP address from my home router, via computer 1. How can I accomplish this?

  • luis Sep 29, 2013 @ 6:38

    thanks in advance for your response.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum