Wednesday, August 31, 2005

Debian Linux 3.0 on iBook as a Wifi router


1. make sure both ethernet and wifi connections are good

# ifconfig eth0 && ifconfig eth1

2. iwconfig eth1 should show it's connected to an AP somewhere - set SSID to "Any" so that it will try to auto-connect.

3. run this script:

# delete old configuration, if any
# flush all the rules in filter and nat tables
iptables --flush
iptables --table nat --flush

# delete all chains that are not in default
# filter and nat table
iptables --delete-chain
iptables --table nat --delete-chain

# setup IP FORWARDING and MASQUERADING (NAT)
iptables --table nat --append POSTROUTING
--out-interface eth0 -j MASQUERADE

iptables --append FORWARD --in-interface eth1
-j ACCEPT

iptables --append FORWARD --in-interface eth2
-j ACCEPT

# enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

4. update kernel routing table

(if wifi subnet is 169.254.0.0 and ethernet
subnet is 157.184.0.0)
- route command should return something like:
157.184.0.0 * 255.255.0.0 blah blah eth0
169.254.0.0 * 255.255.0.0 blah blah eth1

- you can add a subnet by:
route add -net 169.254.0.0 netmask 255.255.0.0 dev eth0

- should add a default by:
route add -net 0.0.0.0 dev eth0

- then update iptables for the specific device
iptables -A PREROUTING -t nat -p tcp
-d 168.254.x.x -j DNAT
--to 157.184.x.x
OR
iptables -A PREROUTING -t nat -p tcp
-d 168.254.x.x
--dport 80 -j DNAT
--to 157.184.x.x:80

5. the connecting device should have the following settings:

ip: 169.254.x.x
mask: 255.255.255.0
gateway: 169.254.x.x - the router's ip (ibook)
internet proxy: 157.184.x.x - internet proxy