ip masquerading with mac address filtering

Markus Schönhaber ubuntu-users at list-post.mks-mail.de
Fri Apr 30 09:01:13 UTC 2010

30.04.2010 10:05, Christopher Lemire:

> I pay for wifi usage. The access points are using mac address
> filtering. I know this because I can spoof the mac of another computer
> of mine and get it online. I'd like to get both the computer's online.
> I've been trying to do ip masquerading. It hasn't been working so far.
> I am not sure if the computer connected to mine through a cross over
> cable is revealing its mac address to the access points when
> communicating. If so, how does one get around this? ping shows
> connectivity between the two computers.

What exactly have you done so far that doesn't work?

If machine A, which is connected to
1. WIFI/AP/internet/whatever upstream that may be
2. machine B
shall act as a gateway for machine B, you have to do three things:

1. Make sure machine A forwards packets, i. e. you should see
$ sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
If the above command shows "... = 0" do
$ sudo sysctl net.ipv4.ip_forward=1

2. Make sure machine A does masquerading, i. e. a netfilter rule similar
to the one you can set with this command
sudo iptables -t nat -A POSTROUTING -o <your outgoing interface> -j
(adjust to your needs) should be active.

3. Make sure machine B uses machine A as standard gateway.

Of course, there must not be any netfilter rules active that drop
forwarded packets etc.


More information about the ubuntu-users mailing list