Activate NAT on Debian etch
What is NAT ?
network address translation (NAT, also known as network masquerading or IP-masquerading) involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address (see gateway). According to specifications, routers should not act in this way, but many network administrators find NAT a convenient technique and use it widely. Nonetheless, NAT can introduce complications in communication between hosts.
First, activate IP forwarding in /etc/sysctl.conf and add the following line
# Enable packet forwarding
net.ipv4.ip_forward = 1
If you have already this line just uncomment
Now you need to restart your networking services using the following command
#/etc/init.d/networking restart
Now you need to activate NAT itself in /etc/network/interfaces
auto eth0
iface eth0 inet static
address 192.168.1.254
netmask 255.255.255.0
network 192.168.1.255
up iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
Now you need to restart your networking services using the following command
#/etc/init.d/networking restart
Disable IPv6 support on Debian
IPv6 is still not widely accepted and even less used. Many networked applications in Debian are enabling IPv6 support anyway, which result in a drop in performance and longer delays in day-to-day use.
To disallow ipv6 kernel module autoloading, deactivate it in modutils or module-init-tools in /etc/modprobe.d/aliases.
To disable IPv6 name resolution in Firefox or other Gecko-based browsers, change the following option to true
network.dns.disableIPv6
If you are interested in debian IPV6 Project check here
auto eth0
iface eth0 inet static
address 192.168.1.254
netmask 255.255.255.0
network 192.168.1.255
up iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
Probably a silly thing, but is not the network line here mixed up with the broadcast address? Should it not say something like this:
broadcast 192.168.1.255
network 192.168.1.0
Yes, obviously! You are absolutely right!