2

Good day,

I am attempting to replicate a setup I have between a router and an Ubuntu PC, and have the same setup working on my MacBook (10.6, Snow Leopard).

First, I have a router that has a USB port. When I plug it into my Ubuntu PC, it creates an RNDIS connection, allowing me to connect to the router over the USB cable via an IP connection. When I plug it into my computer via USB, it gets assigned an IP address of 172.16.84.1, and a new adapter appears when I type ifconfig. I can then SSH into the device via ssh admin@172.16.84.1.

When I log in to the device, I flush the routes, then create the default route:

admin@localhost> route -f
admin@localhost> route add default 172.16.84.2

Now, in my Ubuntu machine, I use iptables to enable IP masquerading:

root@Valhalla> sudo iptables -t nat -A POSTROUTING -s 172.16.84.2 -j MASQUERADE

Once this is all done, the router has internet access over the USB connection to my PC.

I am trying to replicate this exact setup on my MacBook now (Snow Leopard), but iptables does not exist for OS X; not even a MacPorts version exists. I have scoured through other questions on StackOverflow that cover the usage of the ipfw command, which apparently works as a drop-in replacement for iptables. However, the syntax is significantly different, and I'm pretty much lost.

Does anyone with some experience with ipfw have some suggestions on how I could accomplish this and create a NAT connection via IP masquerading like I could with my Ubuntu PC?

Thank you for your assistance.

Cloud
  • 551

2 Answers

1

Why not just use simple Internet Sharing on your Mac OS X? System Preferences > Sharing > Internet Sharing

For ipfw, the NAT rules are (let's say that your internet is en0 and the local interface is en1):

  1. sysctl -w net.inet.ip.fw.one_pass=1 (you need to be root)
  2. sysctl -w net.inet.ip.forwarding=1
  3. /sbin/ipfw add 1040 allow ip from any to any via en1 (allow everything that will pass via the local interface)
  4. /sbin/ipfw add divert natd all from any to any via en0
  5. /sbin/ipfw add pass all from any to any
  6. /usr/sbin/natd -interface en0 (NAT itself, where en0 is your outgoing interface)
NauT
  • 326
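The steps above collected into one script with a matching teardown, as an added example that is not part of the original answer. The rule numbers 1050 and 1060, the DRY_RUN switch, the interface-name check, starting natd before the divert rule is added, and the assumption that forwarding was off beforehand are choices of this sketch.

```shell
#!/bin/sh
# Added example: wrapper around the sysctl/ipfw/natd steps from the answer.
# Rule numbers 1050/1060 and DRY_RUN are assumptions of this sketch.

run() {                       # print the command when DRY_RUN=1, else execute it
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

valid_if() {                  # accept names like en0 / en12, reject anything else
    case "$1" in ''|*[!a-z0-9]*) return 1 ;; esac
    case "$1" in [a-z]*[0-9]) return 0 ;; esac
    return 1
}

nat_up() {                    # $1 = outgoing (internet) interface, $2 = local interface
    wan=$1 lan=$2
    valid_if "$wan" && valid_if "$lan" || { echo "bad interface name" >&2; return 2; }
    [ "$wan" != "$lan" ] || { echo "interfaces must differ" >&2; return 2; }
    run sysctl -w net.inet.ip.fw.one_pass=1
    run sysctl -w net.inet.ip.forwarding=1
    # Start natd before the divert rule exists: packets diverted to a port
    # with no listener are dropped.
    run /usr/sbin/natd -interface "$wan"
    run /sbin/ipfw add 1040 allow ip from any to any via "$lan"
    run /sbin/ipfw add 1050 divert natd all from any to any via "$wan"
    run /sbin/ipfw add 1060 pass all from any to any
}

nat_down() {                  # remove only the rules nat_up added, then stop forwarding
    run /sbin/ipfw delete 1040 1050 1060
    run killall natd
    # Assumes forwarding was off before nat_up was run.
    run sysctl -w net.inet.ip.forwarding=0
}

case "${1:-}" in
    up)   nat_up "${2:-}" "${3:-}" ;;
    down) nat_down ;;
esac
```

Run it as root with `up en0 en1` or `down`; with `DRY_RUN=1` set it only prints the commands so the rule set can be reviewed first.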
1

Well, the easiest way to do it on OS X is simply to use System Preferences->Sharing->Internet Sharing. You check Internet Sharing and configure it so it states Share your connection from Ethernet 2 (as I suppose your USB network device appears as), To computers using Ethernet (as I suppose you want your local network to be on Ethernet; otherwise choose AirPort or anything relevant).

The bearded way to do it is indeed to use ipfw and route. A simple Google search gives a good tutorial on both methods at the following URL:

http://www.ibiblio.org/macsupport/ipfw/ (the command-line way is after the GUI way)

HTH

zmo
  • 266