I have the following devices in scope for this:
- My regular Internet router is connected through a wired connection (Internal network 192.168.0.0/24)
- A RPi1 that is connected through eth0 (wired) to the home network (IP 192.168.0.30). It has also a Wifi interface wlan0 that is connected to the public internet.
- Another RPi2 that is serving Kodi to a TV also connected through eth0 to the home network (IP 192.168.0.40).
RPi1 will be the router that will connect to the Internet through wlan0. RPi2 will be configured to route all of the Internet requests to RPi1 over wired LAN.
Please note that an alternative way to configure Wifi on a RPi (e.g. serving Kodi from OSMC) can be found in this blogpost.
Please note that an alternative way to configure Wifi on a RPi (e.g. serving Kodi from OSMC) can be found in this blogpost.
- Configure RPi1 to access the Wifi hotspot
- Scan your environment for the Wifi network
- Edit the Wlan configuration
- Save and test your config
- Check if your wlan0 device has received an IP address
- Install a cron task to regularly reconfigure the wlan0 interface if the Wifi connection gets disconnected
- Create a router of your RPi1
- Store your config
- Check if the rules are in effect
- On your RPi2 add a static route to use RPi1 as the gateway for Internet traffic
- Test what external IP is being used on RPi2
- Add the route
- Test for your externalIP again, it should be different now
- Also test if you can ping to www.google.com from RPi2
- Now all Internet traffic on RPi2 (192.168.0.40) will be routed through RPi1 (192.168.0.30)
iwlist wlan0 scan
sudo vi /etc/wpa_supplicant/wpa_supplicant.confAdd this config:
network={
ssid="ssid"
scan_ssid=1
key_mgmt=WPA-EAP
group=CCMP TKIP
eap=PEAP
identity="username"
password="password"
phase1="peapver=0"
phase2="MSCHAPV2"
}
wpa_cli -i wlan0 reconfigure
ifconfig wlan0 or wpa_cli -i wlan0 statusOutput:
wlan0: flags=-28605mtu 1500 inet 151.164.43.34 netmask 255.255.255.0 broadcast 151.164.43.255 ether b8:27:aa:aa:ff:c1 txqueuelen 1000 (Ethernet) RX packets 256109 bytes 319396252 (304.6 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 187107 bytes 24877570 (23.7 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vi /etc/iptables/rules.v4Add this config:
*nat -A POSTROUTING -s 192.168.0.0/24 -o wlan0 -j MASQUERADE COMMIT *filter -A INPUT -i lo -j ACCEPT # allow ssh, so that we do not lock ourselves -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT # allow incoming traffic to the outgoing connections, # et al for clients from the private network -A INPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp --icmp-type 0 -m state --state ESTABLISHED,RELATED -j ACCEPT # prohibit everything else incoming #-A INPUT -i eth0 -j DROP COMMIT
iptables-restore < /etc/iptables/rules.v4
root@hass:~# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere icmp echo-reply state RELATED,ESTABLISHED Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp echo-request state NEW,RELATED,ESTABLISHED
root@kodi1:/lib# curl ifconfig.me 64.160.13.75
route add -net default gw 192.168.0.30 netmask 0.0.0.0 dev eth0
root@kodi1:/lib# curl ifconfig.me 151.164.43.34
root@kodi1:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.0.30 0.0.0.0 UG 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
No comments:
Post a Comment