曾经看到很多文章把Raspberry Pi制作成无线AP,但是我今天要做的是把Raspberry Pi做成一个有NAT功能的路由器,我做这个的初衷是因为到荷兰出差后发现我的bambook无法接入宿舍里的WiFi,也许是因为宿舍无线路由器是WEP的认证方式,总之死活连不上。后来决定用Raspberry Pi+北极星光无线路由器来解决问题。
Raspberry Pi 树莓派搭LAMP服务器
在树莓派Raspberry Pi上安装游戏模拟器
Raspberry Pi 树莓派上安装Weston
用于Raspberry Pi 的Linux 操作系统已经可用
Raspberry Pi(树莓派)试用小记
Raspberry Pi(树莓派)的安装、配置IP及软件源等入门
思路:【无线路由器】—–【无线网卡–Raspberry Pi–有线RJ45端口】——【有线RJ45端口–北极星光无线路由器–无线】—-Bambook
步骤一:配置Raspberry Pi的无线网卡与有线网卡
无线网卡通过WEP连到宿舍无线路由器,并配置一个固定IP,有线网卡也配置固定IP
pi@raspberrypi:~$ cat /etc/network/interfacesauto lo iface lo inet loopback iface eth0 inet static address 172.16.1.100 netmask 255.255.255.0 gateway 172.16.1.1 ######################################### allow-hotplug wlan0 iface wlan0 inet static #wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf #iface default inet dhcp wireless-essid ADSL-WiFi-c91f44 wireless-key 1234567890 address 192.168.1.100 netmask 255.255.255.0 gateway 192.168.1.254
步骤二:在Raspberry Pi上架设DHCP服务器
pi@raspberrypi:~$ sudo apt-get install isc-dhcp-server 编辑dhcp.conf文件
pi@raspberrypi:~$ sudo vi /etc/dhcp/dhcpd.conf 在dhcp.conf文件的最后加上以下几行
subnet 172.16.1.0 netmask 255.255.255.0 { range 172.16.1.1 172.16.1.99; option routers 172.16.1.100; option domain-name-servers 8.8.8.8,8.8.4.4; } 在Raspberry Pi的RJ45口上连上笔记本后测试是否可以分配IP地址
pi@raspberrypi:~$ sudo service isc-dhcp-server restart Stopping ISC DHCP server: dhcpd. Starting ISC DHCP server: dhcpd.
步骤三:
启用Raspberry Pi的路由转发功能,并开启NAT
开启路由转发功能
pi@raspberrypi:~$ sudo vi /etc/sysctl.conf
把sysctl.conf里的 net.ipv4.ip_forward=1前的”#”号去掉后保存
开启NAT功能
制作一个开启NAT的脚本,,保存为nat
#!/bin/sh sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE sudo iptables -A FORWARD -i wlan0 -o eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT 运行此脚本
pi@raspberrypi:~$ ls | grep nat nat pi@raspberrypi:~$ sh ./nat pi@raspberrypi:~$ sudo iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all — anywhere anywhere state RELATED,ESTABLISHED ACCEPT all — anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination pi@raspberrypi:~$ sudo iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all — anywhere anywhere pi@raspberrypi:~$ 在/etc/network/目录下创建一个iptables的文件
pi@raspberrypi:~$ sudo touch /etc/network/iptables 把iptables内容保存到/etc/network/iptables中
pi@raspberrypi:~$ sudo sh -c “iptables-save > /etc/network/iptables” pi@raspberrypi:~$ cat /etc/network/iptables # Generated by iptables-save v1.4.14 on Sun Jun 15 05:45:28 2014 *filter :INPUT ACCEPT [22972:1979567] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [2421:275063] -A FORWARD -i wlan0 -o eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i eth0 -o wlan0 -j ACCEPT COMMIT # Completed on Sun Jun 15 05:45:28 2014 # Generated by iptables-save v1.4.14 on Sun Jun 15 05:45:28 2014 *nat :PREROUTING ACCEPT [9719:1105033] :INPUT ACCEPT [1273:238753] :OUTPUT ACCEPT [675:88515] :POSTROUTING ACCEPT [219:34192] -A POSTROUTING -o wlan0 -j MASQUERADE COMMIT # Completed on Sun Jun 15 05:45:28 2014 pi@raspberrypi:~$
在/etc/network/interfaces上加上一句up iptables-restore < /etc/network/iptables使得每次启动的时候自动生效
绊脚石乃是进身之阶。
