Last active
September 27, 2018 06:05
-
-
Save jptalusan/7059147e39f831315e394d931ab4a033 to your computer and use it in GitHub Desktop.
Pi Connected to gateway via mesh network only, acts as AP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Pi-7: Connected to internet only via Mesh network and serves as access point | |
#This serves as the bridge connecting the whole mesh to the internet | |
# This will work but you lose the ability to SSH to this? | |
# It's either that or it will lose the AP ability? | |
# After setting all the configs, just run ./setup-all.sh | |
#Takes time before activating/being in mesh and having internet | |
#Don't forget to setup the iptables and save it on reboot | |
#Don't forget to setup the AP as well. i think the main point here is in hostapd.conf | |
sudo apt-get install dnsmasq hostapd | |
# wlan1 is the adapter to be set as AP | |
# wlan0 is used for mesh networking | |
#Using raspberry jessie: | |
cat /etc/*-release | |
#manscript.sh | |
#!/bin/bash | |
out=$(sudo batctl o | wc -l) | |
ifBatExists=$(ip a show bat0 up | wc -l) | |
echo "$ifBatExists" | |
if [ "$ifBatExists" -gt 1 ] && [ "$out" -gt 2 ]; then | |
echo "Already setup batman!" | |
else | |
echo "starting batman" | |
sudo modprobe batman-adv | |
echo "Sleeping 5 seconds!!" | |
sleep 5s | |
echo "Setting wlan down" | |
sudo ip link set wlan0 down | |
sudo ifconfig wlan0 mtu 1532 | |
sudo iwconfig wlan0 mode ad-hoc | |
sudo iwconfig wlan0 essid my-mesh-network | |
sudo iwconfig wlan0 ap 46:64:A9:B2:9B:23 | |
#sudo iwconfig wlan0 ap any | |
sudo iwconfig wlan0 channel 1 | |
echo "Sleeping for 2 seconds" | |
sleep 2s | |
echo "Setting wlan0 up" | |
sudo ip link set wlan0 up | |
echo "Sleeping for 2 seconds" | |
sleep 2s | |
sudo batctl if add wlan0 | |
echo "Sleeping for 2 seconds" | |
sleep 2s | |
echo "Setting bat0 up" | |
sudo ifconfig bat0 up | |
echo "Sleeping for 5 seconds" | |
sleep 5s | |
#Change this for each mesh node ie. 172.27.0.2 on next one | |
sudo ifconfig bat0 172.27.0.7/16 | |
echo "Done!!!" | |
fi | |
#Skip deny interfaces line | |
#/etc/network/interfaces | |
#Setting up wifi access point | |
# interfaces(5) file used by ifup(8) and ifdown(8) | |
# Please note that this file is written to be used with dhcpcd | |
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf' | |
# Include files from /etc/network/interfaces.d: | |
source-directory /etc/network/interfaces.d | |
auto lo | |
iface lo inet loopback | |
iface eth0 inet manual | |
#allow-hotplug wlan0 | |
#iface wlan0 inet manual | |
# wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf | |
auto wlan0 | |
iface bat0 inet static | |
address 172.27.0.7 | |
netmask 255.255.255.0 | |
#allow-hotplug wlan1 | |
#iface wlan1 inet manual | |
# wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf | |
allow-hotplug wlan1 | |
iface wlan1 inet static | |
address 172.27.3.101 | |
netmask 255.255.255.0 | |
network 172.27.3.0 | |
broadcast 172.27.3.255 | |
#/etc/hostapd/hostapd.conf | |
interface=wlan1 | |
driver=nl80211 | |
ssid=Pi3_7-AP | |
hw_mode=g | |
channel=6 | |
ieee80211n=1 | |
wmm_enabled=1 | |
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40] | |
macaddr_acl=0 | |
auth_algs=1 | |
ignore_broadcast_ssid=0 | |
wpa=2 | |
wpa_key_mgmt=WPA-PSK | |
wpa_passphrase=raspberry | |
rsn_pairwise=CCMP | |
#/etc/dnsmasq.conf | |
interface=wlan1 # Use interface wlan0 | |
listen-address=172.27.3.101 # Explicitly specify the address to listen on | |
bind-interfaces # Bind to the interface to make sure we aren't sending things elsewhere | |
server=8.8.8.8 # Forward DNS requests to Google DNS | |
domain-needed # Don't forward short names | |
bogus-priv # Never forward addresses in the non-routed address spaces. | |
dhcp-range=172.27.3.50,172.27.3.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time | |
#iptables: https://unix.stackexchange.com/questions/205867/viewing-all-iptables-rules | |
#Take note only filter and nat tables | |
Filter table: | |
Chain INPUT (policy ACCEPT 5573 packets, 1127K bytes) | |
pkts bytes target prot opt in out source destination | |
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) | |
pkts bytes target prot opt in out source destination | |
14659 17M ACCEPT all -- bat0 wlan1 anywhere anywhere state RELATED,ESTABLISHED | |
13699 1399K ACCEPT all -- wlan1 bat0 anywhere anywhere | |
Chain OUTPUT (policy ACCEPT 1395 packets, 171K bytes) | |
pkts bytes target prot opt in out source destination | |
Nat table: | |
Chain PREROUTING (policy ACCEPT 10 packets, 1768 bytes) | |
pkts bytes target prot opt in out source destination | |
Chain INPUT (policy ACCEPT 2 packets, 740 bytes) | |
pkts bytes target prot opt in out source destination | |
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) | |
pkts bytes target prot opt in out source destination | |
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) | |
pkts bytes target prot opt in out source destination | |
483 34843 MASQUERADE all -- any bat0 anywhere anywhere | |
Mangle table: | |
Chain PREROUTING (policy ACCEPT 41707 packets, 20M bytes) | |
pkts bytes target prot opt in out source destination | |
Chain INPUT (policy ACCEPT 10388 packets, 1932K bytes) | |
pkts bytes target prot opt in out source destination | |
Chain FORWARD (policy ACCEPT 28361 packets, 18M bytes) | |
pkts bytes target prot opt in out source destination | |
Chain OUTPUT (policy ACCEPT 3841 packets, 487K bytes) | |
pkts bytes target prot opt in out source destination | |
Chain POSTROUTING (policy ACCEPT 32259 packets, 19M bytes) | |
pkts bytes target prot opt in out source destination | |
Raw table: | |
Chain PREROUTING (policy ACCEPT 41707 packets, 20M bytes) | |
pkts bytes target prot opt in out source destination | |
Chain OUTPUT (policy ACCEPT 3844 packets, 488K bytes) | |
pkts bytes target prot opt in out source destination | |
All rules in all tables printed | |
#Ifconfig | |
bat0 Link encap:Ethernet HWaddr be:64:f2:ae:cd:36 | |
inet addr:172.27.0.7 Bcast:172.27.255.255 Mask:255.255.0.0 | |
inet6 addr: fe80::bd28:93c:f328:e29e/64 Scope:Link | |
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 | |
RX packets:42119 errors:0 dropped:6958 overruns:0 frame:0 | |
TX packets:17332 errors:0 dropped:2 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1000 | |
RX bytes:20267029 (19.3 MiB) TX bytes:2092842 (1.9 MiB) | |
eth0 Link encap:Ethernet HWaddr b8:27:eb:ee:70:4a | |
UP BROADCAST MULTICAST MTU:1500 Metric:1 | |
RX packets:2300 errors:0 dropped:738 overruns:0 frame:0 | |
TX packets:201 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1000 | |
RX bytes:286697 (279.9 KiB) TX bytes:25526 (24.9 KiB) | |
lo Link encap:Local Loopback | |
inet addr:127.0.0.1 Mask:255.0.0.0 | |
inet6 addr: ::1/128 Scope:Host | |
UP LOOPBACK RUNNING MTU:65536 Metric:1 | |
RX packets:174 errors:0 dropped:0 overruns:0 frame:0 | |
TX packets:174 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1 | |
RX bytes:13738 (13.4 KiB) TX bytes:13738 (13.4 KiB) | |
wlan0 Link encap:Ethernet HWaddr b8:27:eb:bb:25:1f | |
inet addr:169.254.252.228 Bcast:169.254.255.255 Mask:255.255.0.0 | |
inet6 addr: fe80::cee3:8e2d:439:d06a/64 Scope:Link | |
UP BROADCAST RUNNING MULTICAST MTU:1532 Metric:1 | |
RX packets:169116 errors:0 dropped:29 overruns:0 frame:0 | |
TX packets:99604 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1000 | |
RX bytes:36179374 (34.5 MiB) TX bytes:16511534 (15.7 MiB) | |
wlan1 Link encap:Ethernet HWaddr 00:e0:4c:19:7f:70 | |
inet addr:172.27.3.101 Bcast:172.27.3.255 Mask:255.255.255.0 | |
inet6 addr: fe80::7ac5:5f7c:275a:a62d/64 Scope:Link | |
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 | |
RX packets:35206 errors:0 dropped:25330 overruns:0 frame:0 | |
TX packets:15053 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1000 | |
RX bytes:2319892 (2.2 MiB) TX bytes:17398802 (16.5 MiB) | |
#/etc/iptables.ipv4.nat | |
# Generated by iptables-save v1.4.21 on Tue Aug 7 05:28:42 2018 | |
*raw | |
:PREROUTING ACCEPT [550124:404637974] | |
:OUTPUT ACCEPT [3270:345971] | |
COMMIT | |
# Completed on Tue Aug 7 05:28:42 2018 | |
# Generated by iptables-save v1.4.21 on Tue Aug 7 05:28:42 2018 | |
*mangle | |
:PREROUTING ACCEPT [555941:408386208] | |
:INPUT ACCEPT [73113:25530993] | |
:FORWARD ACCEPT [468965:379903430] | |
:OUTPUT ACCEPT [3764:401556] | |
:POSTROUTING ACCEPT [472737:380305786] | |
COMMIT | |
# Completed on Tue Aug 7 05:28:42 2018 | |
# Generated by iptables-save v1.4.21 on Tue Aug 7 05:28:42 2018 | |
*filter | |
:INPUT ACCEPT [73022:25522286] | |
:FORWARD ACCEPT [0:0] | |
:OUTPUT ACCEPT [3682:393042] | |
-A FORWARD -i bat0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT | |
-A FORWARD -i wlan1 -o bat0 -j ACCEPT | |
COMMIT | |
# Completed on Tue Aug 7 05:28:42 2018 | |
# Generated by iptables-save v1.4.21 on Tue Aug 7 05:28:42 2018 | |
*nat | |
:PREROUTING ACCEPT [43330:10942942] | |
:INPUT ACCEPT [27780:7883463] | |
:OUTPUT ACCEPT [1797:143893] | |
:POSTROUTING ACCEPT [18:2513] | |
-A POSTROUTING -o bat0 -j MASQUERADE | |
COMMIT | |
# Completed on Tue Aug 7 05:28:42 2018 | |
#Checking hostapd and dnsmasq status | |
sudo service hostapd status | |
sudo service dnsmasq status | |
#Pinging through different Interface | |
ping -I bat0 google.com |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment