How to configure IP forwarding for Android clients?

Staex on Android not only uses the parent node to route the traffic inside MCC network, but also uses it as the default gateway for any other traffic. This tutorial explains how to configure parent node to route the traffic from your Android device to the Internet.

First of all you need to enable IP forwarding on the parent node. To do that create a file /etc/sysctl.d/01-ip-forward.conf with the following contents.


This file ensures that IP forwarding is enabled on boot. Then enable IP forwarding manully for the running system like this.

sysctl -w net.ipv4.ip_forward=1

The next step is to setup firewall rules that control how the traffic is forwarded between MCC network and the Internet. We will use Iptables to write these rules. First we install the package that enables the rules on boot.

apt-get install iptables-persistent
dnf install iptables-services

Now we add the following rules to /etc/sysconfig/iptables.


-A FORWARD -i mcc0 -o mcc0 -j ACCEPT
-A FORWARD -i mcc0 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o mcc0 -m state --state RELATED,ESTABLISHED -j ACCEPT

If the file already contains *nat or *filter sections, add the corresponding rules to the existing sections.

Now use iptables-apply command to test if the rules are working without locking yourself out of the server.

iptables-apply < /etc/sysconfig/iptables
# use iptables-restore --test < /etc/sysconfig/iptables
# if iptables-apply is not available

Finally enable system service to apply Iptables rules now and restore them on each boot.

systemctl enable --now netfilter-persistent
systemctl enable --now iptables

Done! Now the parent node will forward the traffic from your Android device to the Internet.

See also