In this tutorial we will learn about the same. This should work with all major linux distributions with a few tweaks, but should work without tweaks for Debian based distrols like *buntu & mint etc.
I have written a simple script to do the task automatically, which you can find at the last. If you are not interested with the details/working of the system, then you can download the script and run it, answer few questions it asks if required.
My Setup:
WAN/INTERNET ----> Raspberry PI ---> Home Networkwhere raspberry pi acts as caching proxy server, dns server, NAS etc.
Since Raspberry Pi has only one Ethernet Port, we need to use a USB-to-Ethernet adapter if we are using wired connection for both LAN & WAN. Else if you are using WIFI for WAN then the inbuild ethernet port can do the LAN job.
We will focus on wired LAN setup here, regardless of whatever the WAN maybe (Ethernet, USB tethering, WIFI etc).
Looking at the setup in details:
WAN/INTERNET ------> USB-to-Ethernet of PI (eth1) ------> Ethernet port of PI (eth0) -----> Home Wireless AP.
The basic required packages are iptables & a dhcp server.
iptables comes installed default with most of the linux distros.
We will be using isc-dhcp-server as dhcp server, it doesn't come installed by default (Normally). So let's install it:
sudo apt-get update && apt-get -y install isc-dhcp-server
Let us configure the dhcp configuration file. The path for the file is /etc/dhcp/dhcpd.conf. There is already a dhcpd.conf file present. Let's create backup of that file and create a new configuration file.
sudo mv /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.bak && touch /etc/dhcp/dhcpd.conf
Open the newly created dhcpd.conf file with your favourite text editor with necessary root privilege.
Copy the following lines in the file
option domain-name "raspberry_pi";
option domain-name-servers 8.8.8.8, 8.8.4.4;
subnet 192.168.5.0 netmask 255.255.255.0 {
range 192.168.5.2 192.168.5.254;
option routers 192.168.5.1;
}
Let's see what it does, line by line.
1.It specifies the domain name of the system. You can use anyname you want.
2. Specifies which DNS to use. 8.8.8.8 & 8.8.4.4 are DNS of google. Better leave it as it is.
3. The subnet of your LAN. Change it according to your need. eg. 172.18.0.0, 192.168.4.1 etc
4. The IP start and end range that is given by the DHCP server. Here the first is 192.168.5.2 and last is 192.168.5.254. You can edit/modify it according to your need, but remember to use the same subnet as from line number 3.
5. Specifies the IP address of the router/system we are configuring. This too you can edit, but remember to put it in the same subnet.
Now, assign your LAN interface to DHCP server. eth0 in my case.
echo "INTERFACES=eth0" > /etc/default/isc-dhcp-serverThe DHCP server is now almost configured.
Next, creating iptables rules for the forwarding of packets from one interface to another. eth0 is interface connected to LAN and eth1 is interface connected to internet. Change it according to your need.
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables-save > /etc/iptables.ipv4.nat
Finally, let's configure the network interfaces file. Open the file /etc/network/interfaces with your favourite text editor with root privileges, and edit or replace or add the following lines, please use some common knowledge here as the your interface file maybe different with different configurations.
auto lo eth0Compare this with the dhcpd.conf file from earlier and edit accordingly if required. And as stated earlier too, eth0 is my LAN interface and eth1 is my interface connected to internet.
iface lo inet loopback
iface eth0 inet static
address 192.168.5.1
netmask 255.255.255.0
auto eth1
iface eth1 inet dhcp
up iptables-restore < /etc/iptables.ipv4.nat
Making sure everything starts up properly on boot, enter the following commands as root user.
update-rc.d isc-dhcp-server enable
sed -i '13iifup $lan_iface' /etc/rc.local
sed -i '14iifup $internet_iface' /etc/rc.local
Now, restart the networking or simply reboot for everything to work. Everything should be working properly now.
In next post, most probably this tutorial will be continued so as to share internet via wifi (ad-hoc).
Any question, feel free to post as comment.
Regards