Skip to content

Instantly share code, notes, and snippets.

@mikeesto

mikeesto/hotspot.md

Last active April 19, 2023 07:47
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mikeesto/44b4378b406e3b81f4a3949dd7edb3f9 to your computer and use it in GitHub Desktop.
Save mikeesto/44b4378b406e3b81f4a3949dd7edb3f9 to your computer and use it in GitHub Desktop.
Download ZIP
Create a local WiFi hotspot with a Raspberry Pi with custom routing
Raw
hotspot.md

Create a local WiFi hotspot with custom routing on the Raspberry Pi

This setup lets you:

  • SSH into the Pi directly (e.g. ssh pi@raspberrypi)
  • Access things running on the Pi (e.g. a web server)
  • Set up fun domains that only exist within the local network, and can route to your services running on the Pi
  • Prevents any access to the internet which can be useful if you are running the Pi as a tech demo, or for teaching etc

This is a modified/shorter version from the official Pi docs.

1. Setup hostapd and dnsmasq

sudo apt install hostapd dnsmasq iptables-persistent
sudo systemctl unmask hostapd
sudo systemctl enable hostapd

2. Configure the DHCP server for wlan0

The Raspberry Pi will act as the router and we give it the first IP address in the network: 192.168.4.1.

sudo nano /etc/dhcpcd.conf

/etc/dhcpcd.conf:

interface wlan0
    static ip_address=192.168.4.1/24
    nohook wpa_supplicant

3. Configure the DHCP and DNS services

The DHCP and DNS services are provided by dnsmasq. The default configuration file serves as a template for all possible configuration options, whereas we only need a few. It is easier to start from an empty file. Rename the default configuration file and create a new one:

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
sudo nano /etc/dnsmasq.conf

/etc/dnsmasq.conf:

interface=wlan0
dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h
domain=wlan
address=/raspberry.com/192.168.4.1

The Raspberry Pi will provision IP addresses between 192.168.4.2 and 192.168.4.20, with a lease time of 24 hours, to wireless DHCP clients. The address line routes raspberry.com to the Pi. You can additional lines for additional custom domains.

4. Configure hostapd

This creates a wireless network with a SSID of raspberrypi, with bands for Australia (AU), and no password. Modify this file as needed.

sudo nano /etc/hostapd/hostapd.conf

/etc/hostapd/hostapd.conf:

country_code=AU
interface=wlan0
ssid=raspberrypi
hw_mode=g
channel=7
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0

5. Setup routing

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.4.1:3000
sudo iptables -t nat -A POSTROUTING -j MASQUERADE

My web server is running on port 3000. The above iptable rules route traffic from port 80 to 3000. Therefore, raspberry.com routes to the web server without having to include the port number.

To persist the iptable rules:

sudo sh -c "iptables-save > /etc/iptables/rules.v4"

6. Restart the Pi and connect to it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment