Skip to content

Instantly share code, notes, and snippets.

@sureshjoshi
Last active February 24, 2023 09:57
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Bridging Wifi to Ethernet on a Raspberry Pi (from https://sureshjoshi.com/development/raspberry-pi-wifi-to-ethernet-bridge)
### NOTE: This is strictly a breakdown of the snippets from the blog article, not an automated script.
### For automation, refer to the Ansible role
### Setup a Static IP
nano /etc/dhcpcd.conf
# Add these fields with your desired IP address
> interface eth0
> static ip_address=10.10.10.1/24
> static routers=10.10.10.0
# This command can kill Wifi, so you're probably just as well to reboot instead
service dhcpcd restart
## Enable IPv4 Packet Forwarding
nano /etc/sysctl.conf
# Uncomment this line or add it to the bottom
> net.ipv4.ip_forward=1
# For immediate access (without a reboot)
sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
### Use iptables to Setup Data Forwarding
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
### Ensure iptables Are Run On Boot
# Save the rules we just added
iptables-save > /etc/iptables.ipv4.nat
nano /etc/rc.local
# Add this line to the rc.local just before 'exit 0'
> iptables-restore < /etc/iptables.ipv4.nat
### Setup dnsmasq to Provide IP Addresses
apt-get install dnsmasq
nano /etc/dnsmasq.conf
# Replace dnsmasq.conf with this
> interface=eth0 # Use interface eth0
> listen-address=10.10.10.1 # Specify the address to listen on (static ip_address from dhcpcd.conf)
> domain-needed # Don't forward short names
> bogus-priv # Drop the non-routed address spaces.
> dhcp-range=10.10.10.100,10.10.10.200,12h # IP range and lease time (setting .100 to .200 as possible IPs)
service dnsmasq restart
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment