How to use an USB ethernet adapter to serve local network

If your desktop computer only has one ethernet port, you may use an USB ethernet adapter and use it together with a network switch to serve a local private network. The following steps are necessary to route the local traffic through the desktop computer's orinary network port to the Internet.

Turn on IP-forwarding

On LMD7 add the following line to file /etc/sysctl.d/lmde.conf:

net.ipv4.ip_forward = 1

and activate it via

sudo sysctl -p/etc/sysctl.d/lmde.conf

Create systemd network link file

First, make sure that the USB ethernet adapter gets a name which is easier to administer. Look up the adapter's mac address by running

ip a

Now create a systemd network link file with the following content:

[Match]
MACAddress=00:e0:4c:68:00:38       # fill in MAC address here
[Link]
Name=enx1                          # the device name we want

From now on our adapter will show up as network interface enx1. If this is changed, it needs to be changed everywhere it appears below, as well. If we ever use a new adapter, just replace the MAC address in the link file.

Configure the adapter's IP address

In file /etc/network/interfaces add the following:

iface enx1 inet static
address 192.168.56.1/24

Which will serve a local network with addresses 192.168.56.0/24

Set up DNS server

Install package dnsmasq and edit file /etc/dnsmasq.conf.

interface=enx1
bind-interfaces
dhcp-range=192.168.56.200,192.168.56.250,12h

Configure firewall

Create file /etc/iptables/rules.v4 with the following content (here, eno1 is the device name of the desktop computer's ethernet port):

*filter
:INPUT ACCEPT [2981:782498]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2795:681085]
-A FORWARD -i eno1 -o enx1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i enx1 -o eno1 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [369:58180]
:INPUT ACCEPT [226:36840]
:OUTPUT ACCEPT [629:50166]
:POSTROUTING ACCEPT [590:46229]
-A POSTROUTING -o eno1 -j MASQUERADE
COMMIT

Restore these rules via

sudo iptables-restore /etc/iptables/rules.v4

You should now be able to use devices on the local network and reach the internet. They will be given IP addresses via DHCP in the range 192.168.56.200 to 192.168.56.250 when connected.