Since the servers need to provide services to the wireless subnet (10.0.0.0/24), and since they have static networking and a default route out their external IPs, a new routing table, route, and rules need to be added to let them talk to the wireless subnet. This only applies to machines that do not have the same default route as the one handed out by DHCP.
Create a new routing table
echo 1 wireless >> /etc/iproute2/rt_tables
Add the default route to the new table
ip route add default via 172.29.0.1 dev <lan dev> table wireless
Add routing rules
ip rule add to 10.0.0.0/24 dev <lan dev> table wireless
ip rule add from 10.0.0.0/24 dev <lan dev> table wireless
Add these to the POST_UP command in the netcfg profile or equivalent system so that the rules are set at boot time.
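The three steps above, written so they can be rerun safely from POST_UP, as an added example that is not part of the original page. The `echo ... >> rt_tables` line appends a duplicate entry on every run and `ip rule add` stacks duplicate rules, so this version checks before appending and deletes before adding. The function names and the `RT_TABLES` and `IP` override variables are assumptions introduced here; pass the LAN device as the first argument.

```shell
#!/bin/sh
# Added example: idempotent form of the table / route / rule steps.
# RT_TABLES and IP are overridable (assumption, for dry runs and testing).
RT_TABLES="${RT_TABLES:-/etc/iproute2/rt_tables}"
IP="${IP:-ip}"

# Register "<id> <name>" in rt_tables exactly once.
# Fails if the id or the name is already bound to a different entry.
ensure_rt_table() {
    id="$1"; name="$2"
    # Exact mapping already present (commented lines ignored): done.
    if awk -v i="$id" -v n="$name" \
        '!/^[ \t]*#/ && $1==i && $2==n {f=1} END{exit !f}' "$RT_TABLES"; then
        return 0
    fi
    # Id or name taken by some other mapping: do not silently shadow it.
    if awk -v i="$id" -v n="$name" \
        '!/^[ \t]*#/ && ($1==i || $2==n) {f=1} END{exit !f}' "$RT_TABLES"; then
        echo "rt_tables: id $id or name $name already in use" >&2
        return 1
    fi
    echo "$id $name" >> "$RT_TABLES"
}

# Usage: setup_wireless_routing <lan dev> [gateway] [wireless subnet]
# Defaults are the values used on this page.
setup_wireless_routing() {
    dev="$1"; gw="${2:-172.29.0.1}"; net="${3:-10.0.0.0/24}"
    ensure_rt_table 1 wireless || return 1
    # "replace" adds or updates, so a rerun does not fail with "File exists".
    $IP route replace default via "$gw" dev "$dev" table wireless
    for sel in to from; do
        # Remove an existing copy first; "ip rule add" never deduplicates.
        $IP rule del "$sel" "$net" dev "$dev" table wireless 2>/dev/null || true
        $IP rule add "$sel" "$net" dev "$dev" table wireless
    done
}

# From POST_UP (eth0 is a placeholder for <lan dev>):
#   setup_wireless_routing eth0
```

Afterwards, `ip rule show` and `ip route show table wireless` should list one rule per direction and the single default route.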
iptables config script for basic sharing setup
#!/bin/bash
ipt="/usr/sbin/iptables"

# Vars
WAN_IFACE="wan0"
WAN_IFACE_BAK="wan1"
SOURCE_IP="131.193.17.26"
SOURCE_IP_BAK="131.193.35.164"

# Flush active rules and delete custom chains
$ipt -F
$ipt -t nat -F
$ipt -t mangle -F
$ipt -X
$ipt -t nat -X
$ipt -t mangle -X

# Set default policies (all ACCEPT: this script only does NAT, no filtering)
$ipt -P INPUT ACCEPT
$ipt -P FORWARD ACCEPT
$ipt -P OUTPUT ACCEPT
$ipt -t nat -P OUTPUT ACCEPT
$ipt -t nat -P PREROUTING ACCEPT
$ipt -t nat -P POSTROUTING ACCEPT
$ipt -t mangle -P PREROUTING ACCEPT
$ipt -t mangle -P POSTROUTING ACCEPT

# Loopback sanity check
$ipt -A INPUT -i lo -j ACCEPT
$ipt -A OUTPUT -o lo -j ACCEPT

# Rewrite rule: source-NAT traffic leaving each WAN interface to its external IP
$ipt -t nat -A POSTROUTING -o "$WAN_IFACE" -j SNAT --to-source "$SOURCE_IP"
$ipt -t nat -A POSTROUTING -o "$WAN_IFACE_BAK" -j SNAT --to-source "$SOURCE_IP_BAK"