Last active
September 27, 2018 06:03
-
-
Save jptalusan/cb00cb288ff8b4ac1ec0ac29ae8edc5c to your computer and use it in GitHub Desktop.
Pi Connected to eth-0 acting as gateway
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Pi-6: Connected to eth0 internet | |
#This serves as the bridge connecting the whole mesh to the internet | |
# This will work but you lose the ability to SSH to this? | |
# It's either that or it will lose the AP ability? | |
# After setting all the configs, just run ./setup-all.sh | |
# ****DONT TRUST ALL hahaha until Sept. 27, when i will retry it again | |
#OK So far all these works. I'm not sure if there are other config files that need to be changed. | |
# I just ran setup-all.sh on this and manscript.sh on pi-7 and after a while it works. | |
# sudo apt-get install dnsmasq hostapd | |
#I'll try again now when I attempt to change battery of pi-7 after restart. | |
# wlan1 is the adapter to be set as AP | |
# wlan0 is used for mesh networking | |
#Using raspberry jessie: | |
cat /etc/*-release | |
#manscript.sh | |
sudo modprobe batman-adv | |
sudo modprobe ebtables | |
sudo modprobe ipv6 | |
sudo ifconfig wlan0 mtu 1532 | |
sudo iwconfig wlan0 mode ad-hoc essid my-mesh-network ap any channel 1 | |
sudo ifconfig wlan0 down | |
sudo batctl if add wlan0 | |
sudo ifconfig wlan0 up | |
sudo brctl addbr mesh0 | |
sudo brctl addif mesh0 eth0 | |
sudo brctl addif mesh0 bat0 | |
sudo ifconfig eth0 up | |
sudo ifconfig bat0 up | |
sudo ifconfig mesh0 up | |
#setup-all.sh | |
./manscript.sh | |
sleep 1s | |
sudo /etc/init.d/networking restart | |
sleep 1s | |
sudo ifup wlan1 | |
sleep 2s | |
sudo service hostapd stop | |
sudo service dnsmasq stop | |
sleep 2s | |
sudo service hostapd start | |
sudo service dnsmasq start | |
sleep 2s | |
sudo iptables -t nat -A POSTROUTING -o mesh0 -j MASQUERADE | |
sudo iptables -A FORWARD -i mesh0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT | |
sudo iptables -A FORWARD -i wlan1 -o mesh0 -j ACCEPT | |
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | |
sudo iptables -A FORWARD -i eth0 -o mesh0 -m state --state RELATED,ESTABLISHED -j ACCEPT | |
sudo iptables -A FORWARD -i mesh0 -o eth0 -j ACCEPT | |
#Skip deny interfaces line | |
#Setting up wifi access point | |
# interfaces(5) file used by ifup(8) and ifdown(8) | |
# Please note that this file is written to be used with dhcpcd | |
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf' | |
# Include files from /etc/network/interfaces.d: | |
source-directory /etc/network/interfaces.d | |
auto lo | |
iface lo inet loopback | |
iface eth0 inet manual | |
#allow-hotplug wlan0 | |
#iface wlan0 inet manual | |
# wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf | |
auto mesh0 | |
iface mesh0 inet static | |
address 172.27.0.6 | |
netmask 255.255.255.0 | |
#gateway 172.27.0.6 | |
#allow-hotplug wlan1 | |
#iface wlan1 inet manual | |
# wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf | |
allow-hotplug wlan1 | |
iface wlan1 inet static | |
address 172.27.3.100 | |
netmask 255.255.255.0 | |
network 172.27.3.0 | |
broadcast 172.27.3.255 | |
#/etc/hostapd/hostapd.conf | |
interface=wlan1 | |
bridge=mesh0 | |
driver=nl80211 | |
ssid=Pi3_6-AP | |
hw_mode=g | |
channel=6 | |
ieee80211n=1 | |
wmm_enabled=1 | |
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40] | |
macaddr_acl=0 | |
auth_algs=1 | |
ignore_broadcast_ssid=0 | |
wpa=2 | |
wpa_key_mgmt=WPA-PSK | |
wpa_passphrase=raspberry | |
rsn_pairwise=CCMP | |
#/etc/dnsmasq.conf | |
interface=wlan1 # Use interface wlan0 | |
listen-address=172.27.3.100 # Explicitly specify the address to listen on | |
bind-interfaces # Bind to the interface to make sure we aren't sending things elsewhere | |
server=8.8.8.8 # Forward DNS requests to Google DNS | |
domain-needed # Don't forward short names | |
bogus-priv # Never forward addresses in the non-routed address spaces. | |
dhcp-range=172.27.3.102,172.27.3.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time | |
#iptables: https://unix.stackexchange.com/questions/205867/viewing-all-iptables-rules | |
#Ignore some of the duplicates | |
Filter table: | |
Chain INPUT (policy ACCEPT 90509 packets, 24M bytes) | |
pkts bytes target prot opt in out source destination | |
Chain FORWARD (policy ACCEPT 2070 packets, 678K bytes) | |
pkts bytes target prot opt in out source destination | |
0 0 ACCEPT all -- eth0 wlan1 anywhere anywhere state RELATED,ESTABLISHED | |
0 0 ACCEPT all -- wlan1 eth0 anywhere anywhere | |
0 0 ACCEPT all -- mesh0 wlan1 anywhere anywhere state RELATED,ESTABLISHED | |
0 0 ACCEPT all -- wlan1 mesh0 anywhere anywhere | |
0 0 ACCEPT all -- eth0 mesh0 anywhere anywhere state RELATED,ESTABLISHED | |
7 2324 ACCEPT all -- mesh0 eth0 anywhere anywhere | |
0 0 ACCEPT all -- mesh0 wlan1 anywhere anywhere state RELATED,ESTABLISHED | |
0 0 ACCEPT all -- wlan1 mesh0 anywhere anywhere | |
0 0 ACCEPT all -- eth0 mesh0 anywhere anywhere state RELATED,ESTABLISHED | |
0 0 ACCEPT all -- mesh0 eth0 anywhere anywhere | |
0 0 ACCEPT all -- mesh0 wlan1 anywhere anywhere state RELATED,ESTABLISHED | |
0 0 ACCEPT all -- wlan1 mesh0 anywhere anywhere | |
0 0 ACCEPT all -- eth0 mesh0 anywhere anywhere state RELATED,ESTABLISHED | |
0 0 ACCEPT all -- mesh0 eth0 anywhere anywhere | |
Chain OUTPUT (policy ACCEPT 5443 packets, 1124K bytes) | |
pkts bytes target prot opt in out source destination | |
Nat table: | |
Chain PREROUTING (policy ACCEPT 78652 packets, 14M bytes) | |
pkts bytes target prot opt in out source destination | |
Chain INPUT (policy ACCEPT 25628 packets, 8264K bytes) | |
pkts bytes target prot opt in out source destination | |
Chain OUTPUT (policy ACCEPT 1294 packets, 112K bytes) | |
pkts bytes target prot opt in out source destination | |
Chain POSTROUTING (policy ACCEPT 54 packets, 3814 bytes) | |
pkts bytes target prot opt in out source destination | |
24978 2157K MASQUERADE all -- any eth0 anywhere anywhere | |
1970 418K MASQUERADE all -- any mesh0 anywhere anywhere | |
0 0 MASQUERADE all -- any eth0 anywhere anywhere | |
0 0 MASQUERADE all -- any mesh0 anywhere anywhere | |
0 0 MASQUERADE all -- any eth0 anywhere anywhere | |
0 0 MASQUERADE all -- any mesh0 anywhere anywhere | |
0 0 MASQUERADE all -- any eth0 anywhere anywhere | |
Mangle table: | |
Chain PREROUTING (policy ACCEPT 150K packets, 32M bytes) | |
pkts bytes target prot opt in out source destination | |
Chain INPUT (policy ACCEPT 95199 packets, 25M bytes) | |
pkts bytes target prot opt in out source destination | |
Chain FORWARD (policy ACCEPT 2077 packets, 680K bytes) | |
pkts bytes target prot opt in out source destination | |
Chain OUTPUT (policy ACCEPT 8075 packets, 1692K bytes) | |
pkts bytes target prot opt in out source destination | |
Chain POSTROUTING (policy ACCEPT 9246 packets, 2024K bytes) | |
pkts bytes target prot opt in out source destination | |
Raw table: | |
Chain PREROUTING (policy ACCEPT 150K packets, 32M bytes) | |
pkts bytes target prot opt in out source destination | |
Chain OUTPUT (policy ACCEPT 8077 packets, 1692K bytes) | |
pkts bytes target prot opt in out source destination | |
All rules in all tables printed | |
#Ifconfig | |
eth0 Link encap:Ethernet HWaddr b8:27:eb:af:55:8c | |
inet addr:163.221.68.214 Bcast:163.221.68.255 Mask:255.255.255.0 | |
inet6 addr: fe80::33ae:b658:50df:eaf1/64 Scope:Link | |
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 | |
RX packets:10560502 errors:0 dropped:3657835 overruns:0 frame:0 | |
TX packets:69297 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1000 | |
RX bytes:1145392139 (1.0 GiB) TX bytes:8559735 (8.1 MiB) | |
lo Link encap:Local Loopback | |
inet addr:127.0.0.1 Mask:255.0.0.0 | |
inet6 addr: ::1/128 Scope:Host | |
UP LOOPBACK RUNNING MTU:65536 Metric:1 | |
RX packets:22 errors:0 dropped:0 overruns:0 frame:0 | |
TX packets:22 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1 | |
RX bytes:2102 (2.0 KiB) TX bytes:2102 (2.0 KiB) | |
mesh0 Link encap:Ethernet HWaddr 00:e0:4c:19:7f:3a | |
inet addr:169.254.104.45 Bcast:169.254.255.255 Mask:255.255.0.0 | |
inet6 addr: fe80::b5f4:ebd4:9728:d89d/64 Scope:Link | |
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 | |
RX packets:172 errors:0 dropped:0 overruns:0 frame:0 | |
TX packets:30031 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1000 | |
RX bytes:28544 (27.8 KiB) TX bytes:11584568 (11.0 MiB) | |
wlan0 Link encap:Ethernet HWaddr b8:27:eb:fa:00:d9 | |
UP BROADCAST MULTICAST MTU:1500 Metric:1 | |
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 | |
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1000 | |
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) | |
wlan1 Link encap:Ethernet HWaddr 00:e0:4c:19:7f:3a | |
inet addr:172.27.3.100 Bcast:172.27.3.255 Mask:255.255.255.0 | |
inet6 addr: fe80::2bda:444:59d5:a16f/64 Scope:Link | |
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 | |
RX packets:33108 errors:0 dropped:62011 overruns:0 frame:0 | |
TX packets:60130 errors:0 dropped:0 overruns:0 carrier:0 | |
collisions:0 txqueuelen:1000 | |
RX bytes:96182 (93.9 KiB) TX bytes:24791940 (23.6 MiB) | |
#/etc/iptables.ipv4.nat | |
# Generated by iptables-save v1.4.21 on Fri Aug 3 08:05:40 2018 | |
*filter | |
:INPUT ACCEPT [74:6811] | |
:FORWARD ACCEPT [0:0] | |
:OUTPUT ACCEPT [52:4692] | |
-A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT | |
-A FORWARD -i wlan1 -o eth0 -j ACCEPT | |
COMMIT | |
# Completed on Fri Aug 3 08:05:40 2018 | |
# Generated by iptables-save v1.4.21 on Fri Aug 3 08:05:40 2018 | |
*nat | |
:PREROUTING ACCEPT [5:854] | |
:INPUT ACCEPT [5:854] | |
:OUTPUT ACCEPT [1:168] | |
:POSTROUTING ACCEPT [0:0] | |
-A POSTROUTING -o eth0 -j MASQUERADE | |
COMMIT | |
# Completed on Fri Aug 3 08:05:40 2018 | |
#/etc/bat-hosts | |
b8:27:eb:bb:25:1f pi-7 | |
b8:27:eb:fa:00:d9 pi-6 | |
b8:27:eb:2f:0a:8e pi-8 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment