Leffler.Media-LLC
/
RaspAProuter
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11 Commits 1 Branch 0 Tags 42 KiB
Shell 100%
Go to file
Nick Leffler 3e91241863 udpated install.sh 2021-04-07 14:51:39 -04:00
etc added files 2021-04-04 00:24:51 +01:00
README.md udpated readme 2021-04-06 11:31:49 -04:00
install.sh udpated install.sh 2021-04-07 14:51:39 -04:00

README.md

RaspAProuter

This was inspired since my mother-in-law is using Calyx Institute for the internet and the new hotspot (LineZone2) they have supports USB tethering.

Calyx works where they live and my father-in-law isn't ready to afford StarLink (thank you Elon BTW).

One Line command (use at your own discretion)

curl https://git.leffler.media/Leffler.Media-LLC/RaspAProuter/raw/branch/master/install.sh | bash

Removed un-needed items

apt purge iptables

Install required items

apt install bridge-utils hostapd firewalld dnsmasq

Add country code to enable wifi

echo 'country=US' | tee -a /etc/wpa_supplicant/wpa_supplicant.conf

Enable IP Forwarding

sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf

Find NICs

It's usually safe to assume that eth0 is the on-board NIC | wlan0 is the on-board wifi

ip a to find the NICs

Now we create the bridge

nano /etc/network/interfaces

allow-hotplug eth1
auto eth1
iface eth1 inet dhcp

auto eth0
allow-hotplug eth0
iface eth0 inet manual

# automatically connect the wireless interface, but disable it for now
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual

# create a bridge with both wired and wireless interfaces
auto br0
iface br0 inet static
        address 192.168.5.1
        netmask 255.255.255.0
        bridge_ports eth0 wlan0
        bridge_fd 0
        bridge_stp off
  1. It probably wouldn't hurt to reboot now. Hopefully all is working.

Now run rfkill list to make sure that you see the wifi is Soft blocked: no on the WLAN interface which will probably be 0

Add firewalld rules

firewall-cmd --zone=home --add-interface=br0
firewall-cmd --zone=public --add-interface=eth1
firewall-cmd --zone=public --add-masquerade
firewall-cmd --zone=home --add-service=dns
firewall-cmd --zone=home --add-service=dhcp
firewall-cmd --zone=home --add-service=ssh
firewall-cmd --zone=public --add-service=ssh
firewall-cmd --runtime-to-permanent

Configure DNS Masq

sed -i 's/#interface=/interface=br0/g' /etc/dnsmasq.conf

Find dhcp-range and make if what you'd like. I did the following

sed -i 's/#dhcp-range=192.168.0.50,192.168.0.150,12h/dhcp-range=192.168.5.50,192.168.5.150,4h/g'

Time to configure hostapd. File is in repo for example. nano /etc/hostapd/hostapd.conf

Now we need to specify the config for the hostapd daemon

echo 'DAEMON_CONF="/etc/hostapd/hostapd.conf"' >> etc/default/hostapd

Now we can enable all services

systemctl enable dnsmasq hostapd

We can can reboot again and hopefully it's going to be working

reboot