I have two devices with embedded Linux. One of them (machine A) has two network interfaces: eth that is used to connect machines together and wlan interface to connect to a router via WiFi. The second machine (B) has only one eth interface. My goal is to enable access to WiFi networks on machine B. I used some iptables rules to filter packets from machine A to machine B and it works. Now, I need to block DHCP traffic on the first machine so that it does not reach the second machine. I was looking for some iptables rules to do it but I found that it is impossible with iptables. Is there any other way to block that traffic?
Thank you in advance for any help.
I believe this is more or less the setup you envision. A connects to WiFi, and gets an IP address. B is connected to A via ethernet, and have their own (private RFC1918) IPs.
You want B to reach devices on the WiFi.
Now, A uses DHCP to get an IP on the WiFi interface. But it doesn't forward DHCP to different interfaces, unless you run a DHCP proxy. Furthermore, WLAN clients generally can't represent more than one MAC address, so somehow you'd have to assign an extra IP to A - or make A represent B's traffic on the WiFi.
The easy way to do this is to make A NAT traffic that's coming from ethernet, and forward it to wifi. This is what your home router does, and will allow B to talk to devices (and internet) on WiFi. Devices on that network will believe the traffic is coming from A, as they can't see B at all.
For how to NAT, see for instance this question.
You should not attempt to clone addresses or any similar silly ideas. IPs are meant to be unique.
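The NAT setup described in the answer above, sketched as an added example that is not part of the original posts. The interface names `eth0` and `wlan0`, the function names, and the default-drop FORWARD policy are assumptions; B is assumed to use A's ethernet address as its default gateway.

```shell
#!/bin/sh
# Added example: make machine A a NAT gateway for machine B.
# Assumed interface names; override via environment if yours differ.
LAN_IF="${LAN_IF:-eth0}"    # wired link to machine B (assumption)
WAN_IF="${WAN_IF:-wlan0}"   # WiFi uplink to the router (assumption)

# Print the commands instead of running them, so the rule set can be
# reviewed before it touches the firewall.
nat_rules() {
    lan="$1"; wan="$2"
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE
iptables -A FORWARD -i $lan -o $wan -j ACCEPT
iptables -A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}
# Notes on the rules above:
#  - A routes between the interfaces, it does not bridge them. DHCP
#    broadcasts on the WiFi side are link-local and are not routed, so
#    they never reach B and need no extra filter rule.
#  - MASQUERADE rewrites B's source address to A's WiFi address, so the
#    WiFi network only ever sees A.
#  - The last rule lets replies back in; new connections initiated from
#    the WiFi side towards B are dropped by the FORWARD policy.

# Apply the rules (requires root). sh -e stops at the first failure.
apply_nat() {
    nat_rules "$1" "$2" | sh -e
}

# Usage: ./nat.sh          -> print the rules for review
#        ./nat.sh apply    -> install them
if [ "${1:-}" = "apply" ]; then
    apply_nat "$LAN_IF" "$WAN_IF"
elif [ "${1:-}" = "show" ]; then
    nat_rules "$LAN_IF" "$WAN_IF"
fi
```

Running `tcpdump -ni eth0 port 67 or port 68` on A afterwards is a simple way to confirm that no DHCP traffic from the WiFi side appears on the wired link.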