Saturday, November 2, 2013

Initial setup again...

Since I moved to my new house, I find myself having to set up from scratch because my network set up here is different.  I have access to a public WiFi network that I've been connected to on my laptop.  However, I now want to set up a home network but don't want it on the public Wifi, but I want to use the public Wifi to get access to the Internet ie I don't want to have to pay for an Internet connection and instead piggy back off the public WiFi.  I've decided that using my Raspberry Pi is perfect for this.  The Raspberry Pi will act as the DHCP server, and NAT router for my private home network and will route Internet traffic to the public WiFi.  Basically my set up will be as follows:

Public Wifi <-----> Pi <-------> Hub <-------> Private WiFi Access Point <---------> Private Wifi

The public Wifi network is 192.168.1.0 and my private Wifi network is 192.168.2.0.  The public Wifi interface on my Pi is wlan0 and the private wired interface is eth0.

So, To set up my RPi:

I'm not going to describe these first two steps in detail as there is a lot of information out there already.
1)  Make an image of Debian wheezy on a 4GB SD card.
2)  Boot the Pi, log in.

3)  First thing is to set up the public WiFi network.  I bought a nanoUSB WiFi adapter for my Pi.  Edit /etc/network/interfaces (this is assuming WEP encryption on the Public Wifi):

auto lo
iface lo inet loopback

auto wlan0
iface wlan0 inet dhcp
wireless-essid <SSID>
wireless-key <KEY>

iface eth0 inet dhcp

iface default inet dhcp

4)  Reboot.  Run iwconfig and ifconfig to determine if Pi is connected to the public WiFi network.  It should be associated with the SSID and have a valid IP address.

Now that is connected, set up the private Wifi:

We need to set up a static IP address on the private (local) network since Pi will handle DHCP and routing.  Edit /etc/network/interfaces:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.2.1
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255

auto wlan0
iface wlan0 inet dhcp
wireless-essid <SSID>
wireless-key <KEY>


6)  Pi will also act as a DHCP server on the private network:

sudo apt-get install isc-dhcp-server

7)  Edit /etc/dhcp/dhcpd.conf:

# Comment the following two lines:
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;

# This is authoritative for this network
authoritative;

# Let DHCP know about other networks but don't handle them
subnet 192.168.1.0 netmask 255.255.255.0 {
}

subnet 192.168.2.0 netmask 255.255.255.0 {
  range 192.168.2.50 192.168.2.75;
  option broadcast-address 192.168.2.255;
  option routers 192.168.2.1;
  option domain-name "local";
  # Google name servers
  option domain-name-servers 8.8.8.8, 8.8.4.4;
}

Also edit /etc/default/isc-dhcp-server:

INTERFACES="eth0"

8) Reboot Pi

If all is good, try connecting to private network on another computer.  You should get a DHCP address on the private network.

9)  We need to set up Pi to act as a router.  sudo nano /etc/sysctl.conf and uncomment:
#net.ipv4.ip_forward=1

10) Enable the change, sudo sysctl -p /etc/sysctl.conf

11) Set up masquerading


iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT

Try browsing from the private network to anywhere.  All should be ok.  

12)  Save iptable changes.
iptables-save > /etc/iptables.rules

14)  Load iptable settings on boot.  Edit /etc/network/if-pre-up.d/iptables:

#!/bin/sh

iptables-restore < /etc/iptables.rules

exit 0

15)  chmod +x /etc/network/if-pre-up.d/iptables

16)  Reboot to make sure everything (connectivity) works correctly.  If it does, then all set.