![]() Pre-up iptables -A FORWARD -i wlan1 -o wlan0 -j ACCEPT Pre-up echo 1 > /proc/sys/net/ipv4/ip_forward Pre-up iptables -A INPUT -m conntrack -ctstate RELATED,ESTABLISHED -j ACCEPT Just keep in mind that if you choose a common network, like 192.168.0.0/24 or 192.168.2.0/24 or even 10.0.0.0/8 (more common than I like to think about), you will end up with trouble routing, and will have to choose a new internal network on the fly to make things work. Any RFC-1918 subnet will work just fine, though. I chose 192.168.9.0/24 because I have 8 other networks allocated at home, and this one would not conflict. I just put the rules directly in the network interface configuration. The iptables rules are relatively simple, so something like ferm was overkill. I chose to use wlan0 as the wifi client, and wlan1 as the access point. After installing the base image, install all of the available patches. At the time of this writing, the latest stable version was Jessie, or 8.0. The base system is simply the latest Raspbian Lite, found at. Supporting services include dnsmasq for DHCP and a local caching DNS server, and some iptables rules to safely glue the two interfaces together. I decided to see what I could do with it to create my own wifi bridge/firewall, and it works quite well! The overall idea is to have one wifi adapter acting as an access point that my computer connects to, and the other acting as a client connected to whichever wifi network is available. I happened to have an extra Raspberry Pi Model B+ laying around, along with a couple of USB wifi adapters for it. That was the moment that I realized that my work was not as mobile as I thought it was. Normally, when I'm at home, I just have the macOS firewall disabled because I'm located safely behind my home firewall on my own network segment. The problem was, the type of work I do requires that I have a handful of virtual machines on my laptop with some non-standard networking between them, and enabling the firewall on macOS broke it all. ![]() I found solace at a nearby Starbucks, and I figured all would be fine. So, I had to find another location to work for the day. ![]() A storm had come through that night, and knocked the whole area out. The other day I found myself with no internet connection at home.
0 Comments
Leave a Reply. |