Appearance
Raspberry Pi als Router
Link für RPI als AP: https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md
Install Deps
bash
sudo apt update
sudo apt install vim dnsmasq hostapd openconnect vpnc-scripts iptables-persistent bridge-utils -y
Reset
bash
#!/bin/bash
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo ip addr flush dev eth0
sudo ip addr flush dev wlan0
sudo killall -9 wpa_supplicant
sudo killall -9 hostapd
sudo systemctl stop dnsmasq
sudo systemctl disable dnsmasq
/etc/dnsmasq.conf
interface=wlan0
dhcp-range=192.168.40.2,192.168.40.220,255.255.255.0,24h
/etc/network/interfaces
auto eth1
allow-hotplug eth0
iface eth1 inet static
address 192.168.50.1/24
auto eth0
allow-hotplug eth0
iface eth0 inet dhcp
accesspoint.conf
interface=wlan0
driver=nl80211
ssid=dnet
hw_mode=a
channel=36
wmm_enabled=1
auth_algs=1
country_code=CH
ieee80211n=1
ieee80211ac=1
ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]
require_vht=1
ieee80211d=0
ieee80211h=0
vht_capab=[MAX-AMSDU-3839][SHORT-GI-80]
#vht_oper_chwidth=1
#vht_oper_centr_freq_seg0_idx=42
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=datennetze
AP-Mode with forward
#!/bin/bash
../reset.sh
sudo systemctl restart networking
sudo /etc/init.d/dnsmasq start
sudo ifconfig wlan0 192.168.40.1/24
# sysctl net.ipv4.ip_forward=1, or else
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -t nat -P PREROUTING ACCEPT
sudo iptables -t nat -P INPUT ACCEPT
sudo iptables -t nat -P OUTPUT ACCEPT
sudo iptables -t nat -P POSTROUTING ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -S
sudo iptables -S -t nat
# note, last command needs to block
sudo hostapd accesspoint.conf
ap.sh
bash
#!/bin/bash
echo "flushing iptables, stopping services"
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo ip addr flush dev eth0
sudo ip addr flush dev wlan0
sudo killall -9 wpa_supplicant
sudo killall -9 hostapd
sudo systemctl stop dnsmasq
sudo systemctl disable dnsmasq
echo "starting apmode"
# sudo systemctl restart networking
sudo /etc/init.d/dnsmasq start
sudo ifconfig wlan0 192.168.40.1/24
# sysctl net.ipv4.ip_forward=1, or else
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -t nat -P PREROUTING ACCEPT
sudo iptables -t nat -P INPUT ACCEPT
sudo iptables -t nat -P OUTPUT ACCEPT
sudo iptables -t nat -P POSTROUTING ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -S
sudo iptables -S -t nat
# set mac
ip link set dev eth0 down
ip link set dev eth0 up
sudo hostapd /home/pi/ap.conf
Service
[Unit]
Description=AP Service
After=network.target
[Service]
ExecStart=/home/pi/ap.sh
WorkingDirectory=/home/pi
StandardOutput=inherit
StandardError=inherit
Restart=always
RestartSec=20s
User=root
[Install]
WantedBy=multi-user.target
Service installieren
vim ap.service sudo ln -s ~/ap.service /etc/systemd/system/ sudo systemctl start ap.service sudo systemctl enable ap.service