sometimes we need to share our internect connection without losing any protection, here ufw can help us.
1:
open /etc/default/ufw
change DEFAULT_FORWARD_POLICY = "ACCEPT"
DEFAULT_INCOMING_POLICY = "ACCEPT"
2: open /etc/ufw/sysctl.conf and uncomment
net/ipv4/ip_forward=1
for ipv6 net/ipv6/conf/default/forwarding=1
3: add rules to the /etc/ufw/before.rules
right beneath *filter rules
add
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.2.0/24 -o ppp0 -j MASQUERADE
sudo ufw disable & enable
done.