Raspberry Pi Routing Tables

This is the last set of steps required to turn a Raspberry Pi into a wifi repeater.

  1. It is assumed that you have already: configured the network interfaces,
  2. set up hostapd, and
  3. Installed and configured a DHCP server.

Following Dryfire117 at https://pastebin.com/A4jUp2Nq

    1. First create a script to clear the routing tables:
      #!/bin/sh
      IPTABLES="$(which iptables)"
      # RESET DEFAULT POLICIES
      $IPTABLES -P INPUT ACCEPT
      $IPTABLES -P FORWARD ACCEPT
      $IPTABLES -P OUTPUT ACCEPT
      $IPTABLES -t nat -P PREROUTING ACCEPT
      $IPTABLES -t nat -P POSTROUTING ACCEPT
      $IPTABLES -t nat -P OUTPUT ACCEPT
      $IPTABLES -t mangle -P PREROUTING ACCEPT
      $IPTABLES -t mangle -P OUTPUT ACCEPT
      # FLUSH ALL RULES, ERASE NON-DEFAULT CHAINS
      $IPTABLES -F
      $IPTABLES -X
      $IPTABLES -t nat -F
      $IPTABLES -t nat -X
      $IPTABLES -t mangle -F
      $IPTABLES -t mangle -X
      

      Run this script to clear out any existing routing rules.

    2. Then create another script to set up the routing tables:
      #!/bin/sh
      IPT=/sbin/iptables
      INET_IFACE=wlan0
      AP_IFACE=wlan1
      INET_ADDRESS=192.168.1.99
      # Flush the tables
      $IPT -F INPUT
      $IPT -F OUTPUT
      $IPT -F FORWARD
      $IPT -t nat -P PREROUTING ACCEPT
      $IPT -t nat -P POSTROUTING ACCEPT
      $IPT -t nat -P OUTPUT ACCEPT
      # Allow forwarding packets:
      $IPT -A FORWARD -p ALL -i $AP_IFACE -o $INET_IFACE -j ACCEPT
      $IPT -A FORWARD -i $INET_IFACE -o $AP_IFACE -m state --state ESTABLISHED,RELATED -j ACCEPT
      # Packet masquerading
      $IPT -t nat -A POSTROUTING -o $INET_IFACE -j SNAT --to-source $INET_ADDRESS
      

      Run this to set up the routing tables.

    3. Now capture a snap-shot of the routing tables with the command
      sudo iptables-save > /etc/network/iptables
      

 

  1. Enable IP forwarding by editing the file /etc/sysctl.conf and uncommenting the line:
    net.ipv4.ip_forward=1
    

    Then give the command

    sudo sysctl --system  ....

    (I didn’t finish this page, but I will get back to is shortly)

    Print Friendly, PDF & Email