
@mpeven
Last active December 22, 2018 14:52
wifi in ---- wifi out
# WiFi-in / WiFi-out router setup.
#   wlan1 (Panda adapter)    : upstream side, joins an existing WiFi network
#   wlan0 (built-in adapter) : downstream side, serves the local access point
##################################################
# Packages
#   hostapd          - runs the access point on wlan0
#   isc-dhcp-server  - leases addresses to access-point clients (dhcpd.conf)
#   dnsmasq          - DNS forwarder/cache; the dnsmasq.conf written by this
#                      script sets no dhcp-range, so it is not the DHCP server
#   ufw              - firewall front end, used for forwarding and NAT
#   dnsutils, netstat-nat - troubleshooting tools
#
# apt-get's -qq implies -y, so the install proceeds without a prompt.
sudo apt-get -qq install \
  dnsmasq \
  hostapd \
  isc-dhcp-server \
  ufw \
  dnsutils \
  netstat-nat
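##################################################
# Update network interfaces
#   eth0  : DHCP client
#   wlan1 : upstream WiFi, credentials come from wpa_supplicant.conf
#   wlan0 : static 192.168.5.1/24, the gateway address for access-point clients
#
# Keep one pristine copy of the existing file; a bad interfaces file can cut
# off remote access, and the guard stops a re-run from overwriting the backup.
if [ -e /etc/network/interfaces ] && [ ! -e /etc/network/interfaces.orig ]; then
  sudo cp -p /etc/network/interfaces /etc/network/interfaces.orig
fi
# A plain "> /etc/..." redirection is opened by the invoking (unprivileged)
# shell and fails when the script is not run as root, so write through
# sudo tee. The quoted delimiter keeps the body literal.
sudo tee /etc/network/interfaces > /dev/null << 'EOF'
source-directory /etc/network/interfaces.d
auto lo
iface lo inet loopback
iface eth0 inet dhcp
allow-hotplug wlan1
iface wlan1 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
auto wlan0
allow-hotplug wlan0
iface wlan0 inet static
address 192.168.5.1
netmask 255.255.255.0
network 192.168.5.0
EOF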
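##################################################
# Setup hostapd: wlan0 becomes the access point for SSID "_wingnet-wifi_".
#
# With no WPA settings hostapd runs an OPEN network: anyone in radio range can
# join, and client traffic is unencrypted on the air. Export AP_PASSPHRASE
# (8-63 characters) before running this script to enable WPA2-PSK. It is read
# from the environment and written with the printf builtin, so it does not
# appear in any process argument list. If the whole script is started through
# sudo, make sure the variable survives sudo's environment reset.
#
ap_passphrase=${AP_PASSPHRASE:-}
if [ -n "$ap_passphrase" ]; then
  # hostapd rejects passphrases outside 8..63 characters; stop here rather
  # than leave a config the daemon will refuse to load.
  if [ "${#ap_passphrase}" -lt 8 ] || [ "${#ap_passphrase}" -gt 63 ]; then
    echo "AP_PASSPHRASE must be 8-63 characters; not writing hostapd.conf" >&2
    exit 1
  fi
else
  echo "warning: AP_PASSPHRASE is not set; the access point will be open (no encryption)" >&2
fi
# Create the file as root-only (0600) before any content is written, so the
# passphrase is never readable by other local users.
sudo install -m 600 /dev/null /etc/hostapd/hostapd.conf
{
  cat << 'EOF'
interface=wlan0
driver=nl80211
ssid=_wingnet-wifi_
channel=9
EOF
  if [ -n "$ap_passphrase" ]; then
    printf '%s\n' 'wpa=2' 'wpa_key_mgmt=WPA-PSK' 'rsn_pairwise=CCMP'
    printf 'wpa_passphrase=%s\n' "$ap_passphrase"
  fi
} | sudo tee /etc/hostapd/hostapd.conf > /dev/null
##################################################
# make hostapd use new conf file
#
sudo sed -i 's;\#DAEMON_CONF="";DAEMON_CONF="/etc/hostapd/hostapd.conf";' /etc/default/hostapd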
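##################################################
# Setup dhcpd.conf: leases 192.168.5.10-100 to access-point clients, with
# 192.168.5.1 (this host) as both router and DNS server.
#
# Move the packaged config aside only once, so a re-run does not replace the
# pristine backup with the file generated below.
if [ -e /etc/dhcp/dhcpd.conf ] && [ ! -e /etc/dhcp/dhcpd.conf.default ]; then
  sudo mv /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.default
fi
# Write through sudo tee: a plain "> /etc/..." redirection is opened by the
# invoking shell and fails when the script is not run as root.
sudo tee /etc/dhcp/dhcpd.conf > /dev/null << 'EOF'
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.5.255;
option routers 192.168.5.1;
option domain-name-servers 192.168.5.1;
option domain-name "localdomain";
subnet 192.168.5.0 netmask 255.255.255.0 {
range 192.168.5.10 192.168.5.100;
}
EOF
##################################################
# setup isc-dhcp-server INTERFACE
#
# NOTE(review): eth0 is configured as a DHCP *client* in
# /etc/network/interfaces and dhcpd.conf declares no subnet for it, yet it is
# listed here as a server interface. If the wired network ever uses
# 192.168.5.0/24, dhcpd would answer clients on it (a rogue DHCP server).
# "wlan0" alone looks like the intended value - confirm before changing.
# NOTE(review): the stray backslash before INTERFACES was dropped (it only
# escaped a literal "I"). Packages that name the variable INTERFACESv4 are
# not matched by this pattern - verify the file after running.
sudo sed -i 's;INTERFACES="";INTERFACES="wlan0 eth0";' /etc/default/isc-dhcp-server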
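##################################################
# Setup dnsmasq.conf: DNS forwarder/cache for access-point clients, listening
# only on loopback and the wlan0 gateway address. No dhcp-range is set, so
# dnsmasq does not hand out leases here.
#
# Move the packaged config aside only once, so a re-run does not replace the
# pristine backup with the file generated below.
if [ -e /etc/dnsmasq.conf ] && [ ! -e /etc/dnsmasq.conf.orig ]; then
  sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
fi
# Write through sudo tee: a plain "> /etc/..." redirection is opened by the
# invoking shell and fails when the script is not run as root.
sudo tee /etc/dnsmasq.conf > /dev/null << 'EOF'
listen-address=127.0.0.1,192.168.5.1
port=53
bind-interfaces # Bind to wifi interface
server=8.8.8.8 # Forward DNS requests to Google DNS
no-poll
bogus-priv # Never forward addresses in the non-routed address spaces.
neg-ttl=3600
cache-size=1000
dns-forward-max=150
domain-needed # Don't forward short names
EOF
##################################################
# Setup dhclient.conf
#
# Stop requesting domain-name, domain-name-servers and domain-search from the
# upstream DHCP server, so the INTERNET connection cannot change our local
# DNS server. Needs root like the other /etc edits, hence sudo.
sudo sed -i 's/domain-name, domain-name-servers, domain-search, host-name,/host-name,/' /etc/dhcp/dhclient.conf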
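##################################################
# UFW: enable IPv4 forwarding and NAT access-point clients out through wlan1.
#
# Every command below edits root-owned files, so each one runs through sudo;
# the originals only worked when the whole script was started as root.
sudo sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
# Turn forwarding on now; the sysctl.conf edit only takes effect at next boot.
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
# NOTE(review): with IPV6=no ufw manages no IPv6 rules; if an interface has
# IPv6 connectivity, that traffic is presumably left unfiltered - confirm.
sudo sed -i 's/IPV6=yes/IPV6=no/' /etc/default/ufw
# NOTE(review): INPUT=ACCEPT exposes every listening service on this host
# (DNS, DHCP, SSH, ...) to access-point clients AND to the upstream wlan1/eth0
# networks. A tighter setup keeps the default DROP and adds explicit allow
# rules on wlan0 for DNS and DHCP (plus whatever is used for administration).
sudo sed -i 's/DEFAULT_INPUT_POLICY="DROP"/DEFAULT_INPUT_POLICY="ACCEPT"/' /etc/default/ufw
# FORWARD=ACCEPT lets routed traffic pass in both directions; inbound flows
# towards the 192.168.5.0/24 clients are limited only by the masquerade NAT.
sudo sed -i 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/' /etc/default/ufw
sudo sed -i 's/ENABLED=no/ENABLED=yes/' /etc/ufw/ufw.conf
sudo sed -i 's;\#net/ipv4/ip_forward=1;net/ipv4/ip_forward=1;' /etc/ufw/sysctl.conf
# Append the NAT table only if the rule is not already present, so running
# the script twice does not leave a duplicate *nat block in before.rules.
nat_rule='-A POSTROUTING -s 192.168.5.0/24 -o wlan1 -j MASQUERADE'
if ! sudo grep -q -F -- "$nat_rule" /etc/ufw/before.rules; then
  sudo tee -a /etc/ufw/before.rules > /dev/null << 'EOF'
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Forward traffic through wlan1 - Change to match you out-interface
-A POSTROUTING -s 192.168.5.0/24 -o wlan1 -j MASQUERADE
# don't delete the 'COMMIT' line or these nat table rules won't
# be processed
COMMIT
EOF
fi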
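##################################################
# Start it up!
#
# Replace /etc/rc.local with one that restarts the three services at boot.
# rm -f tolerates a missing file. The content is written through sudo tee
# because a plain "> /etc/rc.local" redirection is opened by the invoking
# shell and fails when the script is not run as root.
sudo rm -f /etc/rc.local
sudo tee /etc/rc.local > /dev/null << 'EOF'
#!/bin/sh -e
#
# rc.local
sudo /etc/init.d/isc-dhcp-server stop
sudo /etc/init.d/hostapd stop
sudo /etc/init.d/dnsmasq stop
sudo /etc/init.d/isc-dhcp-server start
sudo /etc/init.d/hostapd start
sudo /etc/init.d/dnsmasq start
exit 0
EOF
sudo chmod +x /etc/rc.local
##################################################
# Reboot
#
# read waits for a full line, so the prompt asks for Enter rather than
# "any key"; -r keeps backslashes in the typed line literal.
echo "press Enter to reboot"
read -r reboot_key
sudo shutdown -r now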