A simple checkbox and a menu allow you to share your internet connection (no matter which interface you get it on) with any other interface (theoretically).
But, the guts of this is a little confusing. This page
http://www.manpagez.com/man/8/InternetSharing/
describes InternetSharing, a process which reads the property list com.apple.nat.plist stored in the /Library/Preferences/SystemConfiguration.
First question:
Why is the AirPort singled out with its own special entry in the plist? I understand the entries for primary interface (the source) and the sharing devices (the targets) But who cares if AirPort is enabled in this plist if you are setting up a NAT between Ethernet and Bluetooth, for example?
Second question:
Why does it allow sharing of Ethernet connection with Ethernet connection and then give you a warning that your ISP will hate you? (It also allows Firewire with Firewire) It doesn't allow Bluetooth to Bluetooth or AirPort to AirPort; the menu entries for self-reference disappear.
Third question:
How do you change the default network when you share the Ethernet through your AirPort? InternetSharing configures the IP addresses for non-AirPort interfaces starting at 192.168.2.1 and the SharingNetworkNumberStart property allows you to change that. The AirPort interface by default is assigned 10.0.2.1. How to change?
Fourth question:
If you only have one Ethernet jack on a MacBook how could you possibly have more than one interface? InternetSharing configures the IP addresses for non-AirPort interfaces starting at 192.168.2.1, walking up by one class C network (subnet mask 255.255.255.0) for each subsequent interface, i.e. 192.168.3.1, 192.168.4.1, 192.168.5.1, and so on. Is this to address the possibility of a Mac Pro or an Xserve with multiple NICs?
[SOLVED]
1) the airport is not like the other interfaces
2) the hard connections are less likely to connect to themselves-you actually have to WIRE them and nobody would do that
3)edit the bootpd.plist
4) usb adapters
tnx. i solved the problem. even tho i turned off the firewall in the gui, ipfw was still running. sudo ipfw list gave the same list of rules regardless whether i had firewall on or off. dont know how i managed to achieve that!
I looked to noobproof and turned off the rule for blocking port 80. Now it works, at least for web surfing.
Best Answer
As @bmike said, Internet Sharing hides a lot of complexity behind a very simple interface, and some of your questions can't be answered authoritatively without interviewing some of the Apple engineers behind it. But that won't stop me from taking a stab at it...
1) AirPort is different from the other interface types because in order to share over AirPort, your Mac has to actually create the wireless network (as opposed to just providing service over an existing ethernet, FireWire, etc connection). This means that InternetSharing needs to have a bunch of info about how to create the wireless network: network name (SSID), channel, security, etc.
2) Resharing over the same ethernet interface is useful under some circumstances. For example, on my home network my ISP provides limited number of static IP addresses for my use. I run a Mac doing the equivalent of Internet Sharing (actually, I set up the daemons manually as @Spiff recommended) to reshare over the same ethernet. Result: if I put a computer on my home ethernet and config it via DHCP, I get a private (behind-the-firewall) IP address from my virtually unlimited internal pool. If I manually config the computer with one of the public IPs, I get full unfitered internet access, but use up one of my limited public IP pool. Because they're both on the same network, "moving" a computer behind or in front of the firewall is just a simple configuration switch.
On the other hand, if you did this same trick on an ethernet network that already had a DHCP server, computers attaching to the network would randomly get configuration from one server or the other, leading to unpredictability, confusion, and hair-pulling. It's definitely a use-only-if-you-know-what-you're-doing feature. Fortunately, Internet Sharing is smart: if it detects another DHCP server on "its" private network, it shuts itself off to avoid trouble.
3) I don't know of a way to change the private IP range on an IS-created wireless network. On the other hand, it shouldn't really matter, since the network is being created by Internet Sharing, and therefore it doesn't have to worry about conflicts with any existing network numbering.
4) You can add interfaces with Apple's USB Ethernet Adapter. Get some USB hubs, and pile them on!