Last active
March 19, 2023 17:14
-
-
Save TheCataliasTNT2k/c71bed402bb99c282cf3dc1c61fc547b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# You will need root access for this commands | |
# These things shown here are not correct according to some RFCs (e.g. IPv6 NAT), but I will do them anyway, because I can not guarantee, that my pi will get a whole /64 subnet as it should from the upstream router | |
# I assume, that you did not change anything in iptables. If you did, you should be able to set the settings correctly for IPv6 on your own. | |
# USE CAUTION: I DID NOT SECURE ANYTHING IN THIS SETUP! I AM NOT RESPONSIBLE FOR ANY DAMAGES CREATED BY THIS SCRIPT! USE IT AT YOUR OWN RISK! I USED A SECOND SCRIPT FOR SECURING THE PI, WHICH IS NOT PROVIDED HERE! | |
# I will use fc72:4444:26dd:98c9::1 as address for the pi | |
# use your own settings: | |
export IPV6_SUBNET="fc72:4444:26dd:98c9::" | |
export IPV6_SIZE="/64" | |
export PI_ADDRESS="${IPV6_SUBNET}1" | |
export IPV6_CIDR="${IPV6_SUBNET}${IPV6_SIZE}" | |
echo USE CAUTION: I DID NOT SECURE ANYTHING IN THIS SETUP! I AM NOT RESPONSIBLE FOR ANY DAMAGES CREATED BY THIS SCRIPT! USE IT AT YOUR OWN RISK! I USED A SECOND SCRIPT FOR SECURING THE PI, WHICH IS NOT PROVIDED HERE! | |
read -p "Are you sure? " -n 1 -r | |
echo # (optional) move to a new line | |
if ! [[ $REPLY =~ ^[Yy]$ ]] | |
then echo "Aborting!" | |
exit | |
fi | |
if [ "$EUID" -ne 0 ] | |
then echo "Please run as root" | |
exit | |
fi | |
# adding listen address to dnsmasq | |
echo "listen-address=${PI_ADDRESS}" >> /etc/dnsmasq.d/090_ipv6.conf | |
# adding new static address to /etc/network/interfaced.d/interfaces (unfortunately /etc/dhcpcd.conf is overwritten by raspap) | |
echo "auto wlan0" >> /etc/network/interfaces.d/interfaces | |
echo "iface wlan0 inet6 static" >> /etc/network/interfaces.d/interfaces | |
echo " address fc72:4444:26dd:98c9::1/64" >> /etc/network/interfaces.d/interfaces | |
# setting iptables rules | |
ip6tables -A POSTROUTING -t nat -j MASQUERADE | |
# install radvd (comparable to dhcp, well for the inexperienced at least) and enable it (you can use dhcpv6 as well, but some newer devices do not support it anymore) | |
apt update && apt install radvd | |
cat <<EOF >> /etc/radvd.conf | |
interface wlan0 { | |
IgnoreIfMissing on; | |
AdvSendAdvert on; | |
MinRtrAdvInterval 3; | |
MaxRtrAdvInterval 10; | |
prefix ${IPV6_CIDR} { | |
AdvOnLink on; | |
AdvAutonomous on; | |
AdvRouterAddr on; | |
}; | |
RDNSS ${PI_ADDRESS} {}; | |
}; | |
EOF | |
systemctl enable radvd | |
# configure /etc/sysctl.conf | |
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf | |
echo "net.ipv6.conf.all.forwarding=1" >> /etc/sysctl.conf | |
echo "DONE! Reboot to apply the changes!" |
Hello, The package is ip6tables not ip6tabels :)
Thats correct. Thanks you
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
The package is ip6tables not ip6tabels :)