Last active
February 28, 2018 04:35
-
-
Save meech-ward/41db9758c1505fcf004219c551de761e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Based on https://somesquares.org/blog/2017/10/Raspberry-Pi-router/ | |
SSID="MY-NETWORK" | |
WPA_PASSPHRASE="MY-PASSPHRASE" | |
# Enable ssh | |
touch /ssh | |
# Configure hostapd | |
# hostapd the access point software, which creates and broadcasts a wireless network to which other computers can connect. | |
apt-get install -y hostapd | |
HOSTAPD_CONF_FILE="/etc/hostapd/hostapd.conf" | |
touch $HOSTAPD_CONF_FILE | |
cat > $HOSTAPD_CONF_FILE <<- EOM | |
interface=wlan0 | |
driver=nl80211 | |
ssid=$SSID | |
hw_mode=g | |
channel=7 | |
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40] | |
wmm_enabled=0 | |
macaddr_acl=0 | |
auth_algs=1 | |
wpa=2 | |
ignore_broadcast_ssid=0 | |
wpa_passphrase=$WPA_PASSPHRASE | |
wpa_key_mgmt=WPA-PSK | |
wpa_pairwise=TKIP | |
rsn_pairwise=CCMP | |
EOM | |
HOSTAPD_DEFAULTS_FILE="/etc/defaults/hostapd" | |
echo "DAEMON_CONF=\"/etc/hostapd/hostapd.conf\"" >> $HOSTAPD_DEFAULTS_FILE | |
# Configure dnsmasq | |
# dnsmasq manages the addresses that will be handed out to computers connecting on the new network | |
apt-get install -y dnsmasq | |
DHCPCD_CONF_FILE="/etc/dhcpcd.conf" | |
cat >> $DHCPCD_CONF_FILE <<- EOM | |
interface wlan0 | |
static ip_address=192.168.1.1 | |
static routers=192.168.1.1 | |
static domain_name_servers=8.8.8.8 | |
EOM | |
DNSMASQ_CONF_FILE="/etc/dnsmasq.conf" | |
cat >> $DHCPCD_CONF_FILE <<- EOM | |
interface=wlan0 | |
domain-needed | |
bogus-priv | |
dhcp-range=192.168.1.8,192.168.1.250,12h | |
EOM | |
# Configure IP routing | |
SYSCTL_CONF_FILE="/etc/sysctl.conf" | |
echo "net.ipv4.ip_forward=1" >> $SYSCTL_CONF_FILE | |
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | |
iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT | |
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT | |
# Installing iptables-persistent as the final step causes it to notice you’ve changed the defaults already, and prompts you to save your work. It’s very convenient! | |
# makes sure that settings about how to route packets between the wired Ethernet device and the WiFi device are saved, so that the connection will be restored when the Pi is restarted. | |
apt-get install -y iptables-persistent |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment