nat-gateway-setup


Namenat-gateway-setup JSON
Version 0.11.0 PyPI version JSON
download
home_page
SummaryA utility to configure a Linux machine as a gateway for a private network.
upload_time2023-07-24 17:54:49
maintainer
docs_urlNone
authorYour Name
requires_python>=3.9,<4.0
license
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls. 
            # NAT Configurator

NAT Configurator is a CLI tool designed to set up a Linux machine as a network gateway or router. By providing Network Address Translation (NAT) services to another network interface, the Linux machine can enable internet access for devices connected to this interface, effectively creating a network behind a gateway.

This is useful for scenarios where you have a set of devices connected to a local network and you want to manage their internet access through a single point. For instance, it can be used in a home network setup where the Linux machine is a central router connecting multiple devices to the internet.

## Installation

This package is published on PyPI. You can install it using pip:

```bash
pip install nat-configurator
```

Alternatively, you can clone the repository and use poetry to build and install the package:

```bash
git clone https://github.com/your-github-username/nat-configurator.git
cd nat-configurator
poetry build
pip install dist/nat_configurator-0.1.0-py3-none-any.whl  # replace with actual filename
```

**Note:** You might need to run it with `sudo` if you encounter permission errors. This setup process involves configuring the network interface, dnsmasq, and firewall settings. Ensure to backup any existing configurations as this tool will overwrite them.

## Usage

You can provide the required information as command line arguments:

```bash
sudo nat-configurator --ip <ip> --netmask <netmask> --dhcp-start-ip <start_ip> --dhcp-ip-count <ip_count> --wlan <wlan_interface> --lan <lan_interface>
```

- `--ip`: The IP address to use for the NAT gateway.
- `--netmask`: The netmask for the network.
- `--dhcp-start-ip`: The start IP of the DHCP range.
- `--dhcp-ip-count`: The number of IPs in the DHCP range.
- `--wlan`: The incoming network interface (e.g., your WiFi interface).
- `--lan`: The local network interface (e.g., your Ethernet interface).

If arguments are not provided via command line, the tool will prompt the user to enter the required information interactively.

```bash
sudo nat-configurator
```

The tool also checks for and installs necessary dependencies, checks the firewall conditions, enables IP forwarding, configures the network interface, and sets up DNSMasq and firewall.

## Security Considerations

While setting up a Linux machine as a network gateway or router using NAT is a common practice and can simplify network management, it also comes with its own set of security implications that you need to consider. Here are a few:

1. **Single Point of Failure:** The Linux machine acting as the NAT gateway becomes a single point of failure in your network setup. If it goes down or gets compromised, all devices using it for internet access may lose connectivity or risk exposure to threats.

2. **Internal Threats:** If a device on the local network behind the NAT gateway is compromised, it can pose a threat to other devices on the same network. Since these devices are typically trusted, the compromised device could potentially launch attacks on other local devices or on the gateway itself.

3. **Security of the NAT Gateway:** The security of your NAT gateway is paramount. Ensure it is well-protected against external threats. Keep the system updated, use strong passwords, limit SSH access, and implement necessary firewall rules.

4. **Limited Isolation:** While NAT does provide a certain level of isolation between the local network and the internet, it should not be solely relied upon for security. Consider employing additional security measures such as firewalls, IDS/IPS, and regular system audits.

5. **Egress Filtering:** NAT allows outbound connections from devices on the local network. If one of these devices becomes infected with malware, it could potentially use the NAT gateway to communicate with an external command and control server. Implementing egress filtering rules on the NAT gateway can help mitigate this risk.

This tool is designed to facilitate setting up a NAT gateway, but it's crucial to remember that security is an ongoing process. Always follow the best security practices and keep your systems updated.

Raw data

            {
    "_id": null,
    "home_page": "",
    "name": "nat-gateway-setup",
    "maintainer": "",
    "docs_url": null,
    "requires_python": ">=3.9,<4.0",
    "maintainer_email": "",
    "keywords": "",
    "author": "Your Name",
    "author_email": "youremail@example.com",
    "download_url": "https://files.pythonhosted.org/packages/6e/1c/e3d2b112166a5402eef18303bfff8acf82422dba3791add1328a6b00862c/nat_gateway_setup-0.11.0.tar.gz",
    "platform": null,
    "description": "# NAT Configurator\n\nNAT Configurator is a CLI tool designed to set up a Linux machine as a network gateway or router. By providing Network Address Translation (NAT) services to another network interface, the Linux machine can enable internet access for devices connected to this interface, effectively creating a network behind a gateway.\n\nThis is useful for scenarios where you have a set of devices connected to a local network and you want to manage their internet access through a single point. For instance, it can be used in a home network setup where the Linux machine is a central router connecting multiple devices to the internet.\n\n## Installation\n\nThis package is published on PyPI. You can install it using pip:\n\n```bash\npip install nat-configurator\n```\n\nAlternatively, you can clone the repository and use poetry to build and install the package:\n\n```bash\ngit clone https://github.com/your-github-username/nat-configurator.git\ncd nat-configurator\npoetry build\npip install dist/nat_configurator-0.1.0-py3-none-any.whl  # replace with actual filename\n```\n\n**Note:** You might need to run it with `sudo` if you encounter permission errors. This setup process involves configuring the network interface, dnsmasq, and firewall settings. Ensure to backup any existing configurations as this tool will overwrite them.\n\n## Usage\n\nYou can provide the required information as command line arguments:\n\n```bash\nsudo nat-configurator --ip <ip> --netmask <netmask> --dhcp-start-ip <start_ip> --dhcp-ip-count <ip_count> --wlan <wlan_interface> --lan <lan_interface>\n```\n\n- `--ip`: The IP address to use for the NAT gateway.\n- `--netmask`: The netmask for the network.\n- `--dhcp-start-ip`: The start IP of the DHCP range.\n- `--dhcp-ip-count`: The number of IPs in the DHCP range.\n- `--wlan`: The incoming network interface (e.g., your WiFi interface).\n- `--lan`: The local network interface (e.g., your Ethernet interface).\n\nIf arguments are not provided via command line, the tool will prompt the user to enter the required information interactively.\n\n```bash\nsudo nat-configurator\n```\n\nThe tool also checks for and installs necessary dependencies, checks the firewall conditions, enables IP forwarding, configures the network interface, and sets up DNSMasq and firewall.\n\n## Security Considerations\n\nWhile setting up a Linux machine as a network gateway or router using NAT is a common practice and can simplify network management, it also comes with its own set of security implications that you need to consider. Here are a few:\n\n1. **Single Point of Failure:** The Linux machine acting as the NAT gateway becomes a single point of failure in your network setup. If it goes down or gets compromised, all devices using it for internet access may lose connectivity or risk exposure to threats.\n\n2. **Internal Threats:** If a device on the local network behind the NAT gateway is compromised, it can pose a threat to other devices on the same network. Since these devices are typically trusted, the compromised device could potentially launch attacks on other local devices or on the gateway itself.\n\n3. **Security of the NAT Gateway:** The security of your NAT gateway is paramount. Ensure it is well-protected against external threats. Keep the system updated, use strong passwords, limit SSH access, and implement necessary firewall rules.\n\n4. **Limited Isolation:** While NAT does provide a certain level of isolation between the local network and the internet, it should not be solely relied upon for security. Consider employing additional security measures such as firewalls, IDS/IPS, and regular system audits.\n\n5. **Egress Filtering:** NAT allows outbound connections from devices on the local network. If one of these devices becomes infected with malware, it could potentially use the NAT gateway to communicate with an external command and control server. Implementing egress filtering rules on the NAT gateway can help mitigate this risk.\n\nThis tool is designed to facilitate setting up a NAT gateway, but it's crucial to remember that security is an ongoing process. Always follow the best security practices and keep your systems updated.\n\n",
    "bugtrack_url": null,
    "license": "",
    "summary": "A utility to configure a Linux machine as a gateway for a private network.",
    "version": "0.11.0",
    "project_urls": null,
    "split_keywords": [],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "adcec78156ea635095b0086110cb7f35ecb2bfd3835df04950623ae85e9e3cf1",
                "md5": "370fcf7109e69fb525f9d091b5848f09",
                "sha256": "9baec36d90f88260fe2b04d6db56743612b73cae1e9632ada9c9e304938ee9b2"
            },
            "downloads": -1,
            "filename": "nat_gateway_setup-0.11.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "370fcf7109e69fb525f9d091b5848f09",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.9,<4.0",
            "size": 11432,
            "upload_time": "2023-07-24T17:54:48",
            "upload_time_iso_8601": "2023-07-24T17:54:48.096033Z",
            "url": "https://files.pythonhosted.org/packages/ad/ce/c78156ea635095b0086110cb7f35ecb2bfd3835df04950623ae85e9e3cf1/nat_gateway_setup-0.11.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "6e1ce3d2b112166a5402eef18303bfff8acf82422dba3791add1328a6b00862c",
                "md5": "8e3ec2e6aa3cb5ac789b1e21699b56e8",
                "sha256": "d6896fd4ac1823f1480f7bda8d7beed03784c9d989974037c3e6ff9724cfbf3c"
            },
            "downloads": -1,
            "filename": "nat_gateway_setup-0.11.0.tar.gz",
            "has_sig": false,
            "md5_digest": "8e3ec2e6aa3cb5ac789b1e21699b56e8",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.9,<4.0",
            "size": 10159,
            "upload_time": "2023-07-24T17:54:49",
            "upload_time_iso_8601": "2023-07-24T17:54:49.046511Z",
            "url": "https://files.pythonhosted.org/packages/6e/1c/e3d2b112166a5402eef18303bfff8acf82422dba3791add1328a6b00862c/nat_gateway_setup-0.11.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-07-24 17:54:49",
    "github": false,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "lcname": "nat-gateway-setup"
}
Your Name
Elapsed time: 0.15855s