#!/bin/bash

# This script will enable internet connection sharing
# for Linux.  This is done using iptables and a kernel
# feature that enables us to allow IP forwarding.  It
# will not work if you are not already able to access
# the Internet from this machine.  If you are unable
# to access the Internet from client machines after
# running this script, you most likely have a DNS
# issue.

if [ "`whoami`" != "root" ] ; then
 echo "You must be root to use this script."
 exit 1
fi
gwdev=`route -n | grep ^0.0.0.0 | awk '{print $8}'`
if [ -x `which iptables` ] ; then
 ipt=`which iptables`
else
 echo "iptables is not installed, is not in your path, or is not executable.  Aborting."
 exit 1
fi
function die() {
 echo $1
 exit 1
}
if [ ! -x $ipt ] ; then
 echo "iptables does not exist, is not in your PATH, or is not executable"
 exit 1
fi
echo "Enabling IP forwarding..."
test -z `echo "1" > /proc/sys/net/ipv4/ip_forward` || die "IP forwarding failed"
echo "Enabling IP masquerading..."
test -z `iptables -t nat -I POSTROUTING -o $gwdev -j MASQUERADE` || die "Masquerade failed"
echo "Allowing traffic traffic from the local network..."
test -z `iptables -I FORWARD -o $gwdev -j ACCEPT` || die "Allow forwarded traffic failed"
echo "Enabling connection tracking..."
test -z `iptables -I FORWARD -i $gwdev -m state --state ESTABLISHED,RELATED -j ACCEPT` || die "Connection tracking failed"
echo "Internet connection sharing enabled.  Enjoy!"