Last active
January 25, 2022 23:12
-
-
Save brettbeeson/4ecf4eb21b39f502a4c50bd1e196e90c to your computer and use it in GitHub Desktop.
Setup Raspi Zero W router with wlan1 Wifi Dongle
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Hardware setup | |
# | |
# - plug in wifi dongle. It will connect as a station to an upstream access point: wlan1(STA) | |
# - onboard wifi is wlan0. It will be an access point. It will forward traffic to wlan1. | |
# Update system if required | |
echo Warning: updating system. This might take a while. | |
sudo apt update -y | |
sudo apt upgrade -y | |
echo You should REBOOT now if system was updated. I'll give you 20s. | |
sleep 20 | |
# Disable resolved (from systemd) as we use a different resolver (dnsmasq?) | |
sudo systemctl stop resolved | |
sudo systemctl disable resolved | |
# Not required | |
sudo systemctl stop autossh | |
sudo systemctl disable autossh | |
# ensure consistant naming so wlan0 and wlan1 don't swap | |
# https://www.raspberrypi.org/forums/viewtopic.php?t=198687 | |
sudo ln -s /dev/null /etc/systemd/network/99-default.link | |
# | |
# Software install | |
# | |
sudo apt install hostapd | |
sudo systemctl unmask hostapd | |
sudo systemctl enable hostapd | |
sudo apt install dnsmasq | |
sudo DEBIAN_FRONTEND=noninteractive apt install -y netfilter-persistent iptables-persistent | |
# | |
# dhcpcd: client daemon for DHCP | |
# - tell it wlan0 (AP) has a static address | |
# | |
sudo tee -a /etc/dhcpcd.conf > /dev/null <<EOT | |
# static address for AP | |
interface wlan0 | |
static ip_address=192.168.4.1/24 | |
nohook wpa_supplicant | |
EOT | |
# | |
# iptables: r | |
# - route packets from wlan0(AP) to wlan1(station with internet) | |
# - use NAT (i.e. this box acts like a gateway) | |
# | |
sudo tee -a /etc/sysctl.d/routed-ap.conf > /dev/null <<EOT | |
# https://www.raspberrypi.org/documentation/configuration/wireless/access-point-routed.md | |
# Enable IPv4 routing | |
net.ipv4.ip_forward=1 | |
EOT | |
# | |
sudo iptables -t nat -A POSTROUTING -o wlan1 -j MASQUERADE | |
# forward from wlan0 (AP) to wlan1 (station) | |
sudo iptables -A FORWARD -i wlan1 -o wlan0 -j ACCEPT | |
sudo netfilter-persistent save | |
# | |
# dnsmasq: DHCP server and DNS server | |
# - use DHCP on wlan0 (AP) | |
# | |
sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig | |
sudo tee -a /etc/dnsmasq.conf > /dev/null <<EOT | |
interface=wlan0 # Listening interface | |
dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h | |
# Pool of IP addresses served via DHCP | |
domain=wlan # Local wireless DNS domain | |
address=/gw.wlan/192.168.4.1 # Alias for this router | |
EOT | |
sudo tee -a /etc/hostapd/hostapd.conf > /dev/null <<EOT | |
country_code=AU | |
interface=wlan0 | |
ssid=router | |
hw_mode=g | |
channel=7 | |
macaddr_acl=0 | |
auth_algs=1 | |
ignore_broadcast_ssid=0 | |
wpa=2 | |
wpa_passphrase=password | |
wpa_key_mgmt=WPA-PSK | |
wpa_pairwise=TKIP | |
rsn_pairwise=CCMP | |
EOT | |
# Prompt to customise | |
echo You should modify openvpn and required the systemd-resolved references. Do this: | |
echo vim /etc/openvpn/client.conf | |
echo You should set the wifi password: | |
echo vim /etc/wpa_supplicant/wpa_supplicant.conf | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment