Leffler.Media-LLC/RaspAProuter
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
RaspAProuter/README.md
Nick Leffler 7ba3b56b00 updated readme
2021-04-04 00:30:25 +01:00

2.6 KiB
Raw Blame History

RaspAProuter

This was inspired since my mother-in-law is using Calyx Institute for the internet and the new hotspot (LineZone2) they have supports USB tethering and doesn't require the battery since that works be where they live and my father-in-law isn't ready to afford StarLink (thank you Elon BTW).

Removed un-needed items

apt purge iptables

Install required items

apt install bridge-utils hostapd firewalld dnsmasq

Add country code to enable wifi

echo 'country=US' | tee -a /etc/wpa_supplicant/wpa_supplicant.conf

Enable IP Forwarding

sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf

Find NICs

It's usually safe to assume that eth0 is the on-board NIC | wlan0 is the on-board wifi

ip a to find the NICs

Now we create the bridge

nano /etc/network/interfaces

allow-hotplug eth1
auto eth1
iface eth1 inet dhcp

auto eth0
allow-hotplug eth0
iface eth0 inet manual

# automatically connect the wireless interface, but disable it for now
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual

# create a bridge with both wired and wireless interfaces
auto br0
iface br0 inet static
        address 192.168.5.1
        netmask 255.255.255.0
        bridge_ports eth0 wlan0
        bridge_fd 0
        bridge_stp off
  1. It probably wouldn't hurt to reboot now. Hopefully all is working.

Now run rfkill list to make sure that you see the wifi is Soft blocked: no on the WLAN interface which will probably be 0

Add firewalld rules

firewall-cmd --zone=home --add-interface=br0
firewall-cmd --zone=public --add-interface=eth1
firewall-cmd --zone=public --add-masquerade
firewall-cmd --zone=home --add-service=dns
firewall-cmd --zone=home --add-service=dhcp
firewall-cmd --zone=home --add-service=ssh
firewall-cmd --zone=public --add-service=ssh
firewall-cmd --runtime-to-permanen

Configure DNS Masq

sed -i 's/#interface=/interface=br0/g' /etc/dnsmasq.conf

Find dhcp-range and make if what you'd like. I did the following

dhcp-range=192.168.5.50,192.168.5.150,4h

Time to configure hostapd. File is in repo for example. nano /etc/hostapd/hostapd.conf

Now we need to specify the config for the hostapd daemon

echo 'DAEMON_CONF="/etc/hostapd/hostapd.conf"' >> etc/default/hostapd

Now we can enable all services

systemctl enable dnsmasq hostapd

We can can reboot again and hopefully it's going to be working

reboot