dnet

Appearance

Return to top
On this page

Raspberry Pi als Router

Link für RPI als AP: https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md

Install Deps

bash
sudo apt update
sudo apt install vim dnsmasq hostapd openconnect vpnc-scripts iptables-persistent bridge-utils -y

Reset

bash
#!/bin/bash

sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F

sudo ip addr flush dev eth0
sudo ip addr flush dev wlan0

sudo killall -9 wpa_supplicant
sudo killall -9 hostapd

sudo systemctl stop dnsmasq
sudo systemctl disable dnsmasq

/etc/dnsmasq.conf 

interface=wlan0
dhcp-range=192.168.40.2,192.168.40.220,255.255.255.0,24h

/etc/network/interfaces 

auto eth1
allow-hotplug eth0
iface eth1 inet static
        address 192.168.50.1/24

auto eth0
allow-hotplug eth0
iface eth0 inet dhcp

accesspoint.conf 

interface=wlan0
driver=nl80211
ssid=dnet
hw_mode=a
channel=36
wmm_enabled=1
auth_algs=1
country_code=CH

ieee80211n=1
ieee80211ac=1
ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]

require_vht=1
ieee80211d=0
ieee80211h=0
vht_capab=[MAX-AMSDU-3839][SHORT-GI-80]
#vht_oper_chwidth=1
#vht_oper_centr_freq_seg0_idx=42

wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=datennetze

AP-Mode with forward 

#!/bin/bash
../reset.sh

sudo systemctl restart networking
sudo /etc/init.d/dnsmasq start
sudo ifconfig wlan0 192.168.40.1/24
# sysctl net.ipv4.ip_forward=1, or else
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F


sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT

sudo iptables -t nat -P PREROUTING ACCEPT
sudo iptables -t nat -P INPUT ACCEPT
sudo iptables -t nat -P OUTPUT ACCEPT
sudo iptables -t nat -P POSTROUTING ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

sudo iptables -S
sudo iptables -S -t nat

# note, last command needs to block
sudo hostapd accesspoint.conf

ap.sh

bash
#!/bin/bash

echo "flushing iptables, stopping services"

sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F

sudo ip addr flush dev eth0
sudo ip addr flush dev wlan0

sudo killall -9 wpa_supplicant
sudo killall -9 hostapd

sudo systemctl stop dnsmasq
sudo systemctl disable dnsmasq

echo "starting apmode"

# sudo systemctl restart networking
sudo /etc/init.d/dnsmasq start
sudo ifconfig wlan0 192.168.40.1/24
# sysctl net.ipv4.ip_forward=1, or else
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F


sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT

sudo iptables -t nat -P PREROUTING ACCEPT
sudo iptables -t nat -P INPUT ACCEPT
sudo iptables -t nat -P OUTPUT ACCEPT
sudo iptables -t nat -P POSTROUTING ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

sudo iptables -S
sudo iptables -S -t nat

# set mac
ip link set dev eth0 down
ip link set dev eth0 up


sudo hostapd /home/pi/ap.conf

Service 

[Unit]
Description=AP Service
After=network.target

[Service]
ExecStart=/home/pi/ap.sh
WorkingDirectory=/home/pi
StandardOutput=inherit
StandardError=inherit
Restart=always
RestartSec=20s
User=root

[Install]
WantedBy=multi-user.target

Service installieren

vim ap.service sudo ln -s ~/ap.service /etc/systemd/system/ sudo systemctl start ap.service sudo systemctl enable ap.service