Last active
March 11, 2018 15:53
-
-
Save tkshnwesper/fa500c203326766afce83895bc9f4aef to your computer and use it in GitHub Desktop.
Raspberry Pi Setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sudo apt install dnsmasq hostapd -y | |
sudo echo "denyinterfaces wlan0" | sudo tee -a /etc/dhcpcd.conf | |
sudo tee /etc/network/interfaces.d/wlan0 << EOM | |
allow-hotplug wlan0 | |
iface wlan0 inet static | |
address 172.24.1.1 | |
netmask 255.255.255.0 | |
network 172.24.1.0 | |
broadcast 172.24.1.255 | |
EOM | |
sudo service dhcpcd restart | |
sudo ifdown wlan0; sudo ifup wlan0 | |
sudo tee /etc/hostapd/hostapd.conf << EOM | |
# This is the name of the WiFi interface we configured above | |
interface=wlan0 | |
# Use the nl80211 driver with the brcmfmac driver | |
driver=nl80211 | |
# This is the name of the network | |
ssid=Pi3-AP | |
# Use the 2.4GHz band | |
hw_mode=g | |
# Use channel 6 | |
channel=6 | |
# Enable 802.11n | |
ieee80211n=1 | |
# Enable WMM | |
wmm_enabled=1 | |
# Enable 40MHz channels with 20ns guard interval | |
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40] | |
# Accept all MAC addresses | |
macaddr_acl=0 | |
# Use WPA authentication | |
auth_algs=1 | |
# Require clients to know the network name | |
ignore_broadcast_ssid=0 | |
# Use WPA2 | |
wpa=2 | |
# Use a pre-shared key | |
wpa_key_mgmt=WPA-PSK | |
# The network passphrase | |
wpa_passphrase=raspberry | |
# Use AES, instead of TKIP | |
rsn_pairwise=CCMP | |
EOM | |
sudo sed -i "s/^#DAEMON_CONF=\"\"/DAEMON_CONF=\"\/etc\/hostapd\/hostapd.conf\"/" /etc/default/hostapd | |
sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig | |
sudo tee /etc/dnsmasq.conf << EOM | |
interface=wlan0 # Use interface wlan0 | |
listen-address=172.24.1.1 # Explicitly specify the address to listen on | |
bind-interfaces # Bind to the interface to make sure we aren't sending things elsewhere | |
server=8.8.8.8 # Forward DNS requests to Google DNS | |
domain-needed # Don't forward short names | |
bogus-priv # Never forward addresses in the non-routed address spaces. | |
dhcp-range=172.24.1.50,172.24.1.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time | |
dhcp-authoritative | |
EOM | |
sudo sed -i "s/^#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/" /etc/sysctl.conf | |
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | |
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT | |
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT | |
sudo sh -c "iptables-save > /etc/iptables.ipv4.nat" | |
sudo sed -i "s/^exit 0$/sudo iptables-restore < \/etc\/iptables.ipv4.nat\nexit 0/" /etc/rc.local | |
sudo service hostapd start | |
sudo service dnsmasq start | |
sudo reboot |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment