曾經看到很多文章把Raspberry Pi製作成無線AP,但是我今天要做的是把Raspberry Pi做成一個有NAT功能的路由器,我做這個的初衷是因爲到荷蘭出差後發現我的bambook無法接入宿舍裏的WiFi,也許是因爲宿舍無線路由器是WEP的認證方式,總之死活連不上。後來決定用Raspberry Pi+北極星光無線路由器來解決問題。
思路:
【無線路由器】-----【無線網卡--Raspberry Pi--有線RJ45端口】------【有線RJ45端口--北極星光無線路由器--無線】----Bambook
步驟一:
配置Raspberry Pi的無線網卡與有線網卡
無線網卡通過WEP連到宿舍無線路由器,並配置一個固定IP,有線網卡也配置固定IP
pi@raspberrypi:~$ cat /etc/network/interfaces auto lo iface lo inet loopback iface eth0 inet static address 172.16.1.100 netmask 255.255.255.0 gateway 172.16.1.1 ######################################### allow-hotplug wlan0 iface wlan0 inet static #wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf #iface default inet dhcp wireless-essid ADSL-WiFi-c91f44 wireless-key 1234567890 address 192.168.1.100 netmask 255.255.255.0 gateway 192.168.1.254
步驟二:
在Raspberry Pi上架設DHCP服務器
pi@raspberrypi:~$ sudo apt-get install isc-dhcp-server
編輯dhcp.conf文件
pi@raspberrypi:~$ sudo vi /etc/dhcp/dhcpd.conf
在dhcp.conf文件的最後加上以下幾行
subnet 172.16.1.0 netmask 255.255.255.0 { range 172.16.1.1 172.16.1.99; option routers 172.16.1.100; option domain-name-servers 8.8.8.8,8.8.4.4; }
在Raspberry Pi的RJ45口上連上筆記本後測試是否可以分配IP地址
pi@raspberrypi:~$ sudo service isc-dhcp-server restart Stopping ISC DHCP server: dhcpd. Starting ISC DHCP server: dhcpd.
步驟三:
啓用Raspberry Pi的路由轉發功能,並開啓NAT
開啓路由轉發功能
pi@raspberrypi:~$ sudo vi /etc/sysctl.conf
把sysctl.conf裏的 net.ipv4.ip_forward=1前的"#"號去掉後保存
開啓NAT功能
製作一個開啓NAT的腳本,保存爲nat
#!/bin/sh sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE sudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
運行此腳本
pi@raspberrypi:~$ ls | grep nat nat pi@raspberrypi:~$ sh ./nat
pi@raspberrypi:~$ sudo iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination pi@raspberrypi:~$ sudo iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere pi@raspberrypi:~$
在/etc/network/目錄下創建一個iptables的文件
pi@raspberrypi:~$ sudo touch /etc/network/iptables
把iptables內容保存到/etc/network/iptables中
pi@raspberrypi:~$ sudo sh -c "iptables-save > /etc/network/iptables"
pi@raspberrypi:~$ cat /etc/network/iptables # Generated by iptables-save v1.4.14 on Sun Jun 15 05:45:28 2014 *filter :INPUT ACCEPT [22972:1979567] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [2421:275063] -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i eth0 -o wlan0 -j ACCEPT COMMIT # Completed on Sun Jun 15 05:45:28 2014 # Generated by iptables-save v1.4.14 on Sun Jun 15 05:45:28 2014 *nat :PREROUTING ACCEPT [9719:1105033] :INPUT ACCEPT [1273:238753] :OUTPUT ACCEPT [675:88515] :POSTROUTING ACCEPT [219:34192] -A POSTROUTING -o wlan0 -j MASQUERADE COMMIT # Completed on Sun Jun 15 05:45:28 2014 pi@raspberrypi:~$
在/etc/network/interfaces上加上一句up iptables-restore < /etc/network/iptables使得每次啓動的時候自動生效
pi@raspberrypi:~$ cat /etc/network/interfaces auto lo iface lo inet loopback iface eth0 inet static address 172.16.1.100 netmask 255.255.255.0 gateway 172.16.1.1 ######################################### allow-hotplug wlan0 iface wlan0 inet static #wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf #iface default inet dhcp wireless-essid ADSL-WiFi-c91f44 wireless-key 1234567890 address 192.168.1.100 netmask 255.255.255.0 gateway 192.168.1.254 up iptables-restore < /etc/network/iptables
保存重啓發現連上Raspberry Pi的RJ45口的便攜機能自動獲取IP地址,並且可以ping通外網了。