Internet Connection Sharing: Difference between revisions
imported>Jooooscha m replace nix-env with nix shell |
imported>Onny Init instruction share connection via ethernet |
||
| Line 1: | Line 1: | ||
The following example will describe how to share an active internet connection over a WiFi hotspot or alternatively via ethernet. | |||
== Usage == | == Share via WiFi == | ||
=== Usage === | |||
Share an existing internet connection of a wired interface <code>eth0</code> using a wifi hotspot on <code>wlan0</code> with the access point name <code>MyAccessPoint</code>. | Share an existing internet connection of a wired interface <code>eth0</code> using a wifi hotspot on <code>wlan0</code> with the access point name <code>MyAccessPoint</code>. | ||
| Line 10: | Line 12: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== Configuration == | === Configuration === | ||
Persistent share an existing internet connection of a wired interface <code>eth0</code> using a wifi hotspot on <code>wlan0</code> with the access point name <code>My Wifi Hotspot</code>. The network is protected with a simple WPA2 pre-shared key <code>12345678</code>. | Persistent share an existing internet connection of a wired interface <code>eth0</code> using a wifi hotspot on <code>wlan0</code> with the access point name <code>My Wifi Hotspot</code>. The network is protected with a simple WPA2 pre-shared key <code>12345678</code>. | ||
| Line 24: | Line 26: | ||
}; | }; | ||
}; | }; | ||
</syntaxhighlight> | |||
=== Share via ethernet === | |||
Share an existing internet connection of a wireless interface <code>wlan0</code> to clients connected on a ethernet device <code>eth0</code>. | |||
<syntaxhighlight lang="bash"> | |||
ip link set up eth0 | |||
ip addr add 10.0.0.1 dev eth0 | |||
# Enable packet forwarding | |||
sysctl net.ipv4.ip_forward=1 | |||
# Enable NAT for leaving packets | |||
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE | |||
# Forward packets coming from eth0 | |||
iptables -I DOCKER-USER -i eth0 -j ACCEPT | |||
# Forward packets that are part of an existing connection (forwards responses) | |||
iptables -I DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT | |||
# Start dnsmasq for DHCP | |||
dnsmasq -d -i eth0 -F $client,$client,1m -O option:dns-server,1.1.1.1,1.0.0.1 & | |||
# Cleanup | |||
ip addr del $host dev $link | |||
ip link set down $link | |||
iptables -t nat -D POSTROUTING -o $wanlink -j MASQUERADE | |||
iptables -D DOCKER-USER -i $link -j ACCEPT | |||
iptables -D DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT | |||
</syntaxhighlight> | </syntaxhighlight> | ||
[[Category:Networking]] | [[Category:Networking]] | ||
Revision as of 11:12, 17 April 2023
The following example will describe how to share an active internet connection over a WiFi hotspot or alternatively via ethernet.
Usage
Share an existing internet connection of a wired interface eth0 using a wifi hotspot on wlan0 with the access point name MyAccessPoint.
nix shell nixpkgs#linux-wifi-hotspot
sudo create_ap wlan0 eth0 MyAccessPoint
Configuration
Persistent share an existing internet connection of a wired interface eth0 using a wifi hotspot on wlan0 with the access point name My Wifi Hotspot. The network is protected with a simple WPA2 pre-shared key 12345678.
services.create_ap = {
enable = true;
settings = {
INTERNET_IFACE = "eth0";
WIFI_IFACE = "wlan0";
SSID = "My Wifi Hotspot";
PASSPHRASE = "12345678";
};
};
Share an existing internet connection of a wireless interface wlan0 to clients connected on a ethernet device eth0.
ip link set up eth0
ip addr add 10.0.0.1 dev eth0
# Enable packet forwarding
sysctl net.ipv4.ip_forward=1
# Enable NAT for leaving packets
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
# Forward packets coming from eth0
iptables -I DOCKER-USER -i eth0 -j ACCEPT
# Forward packets that are part of an existing connection (forwards responses)
iptables -I DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Start dnsmasq for DHCP
dnsmasq -d -i eth0 -F $client,$client,1m -O option:dns-server,1.1.1.1,1.0.0.1 &
# Cleanup
ip addr del $host dev $link
ip link set down $link
iptables -t nat -D POSTROUTING -o $wanlink -j MASQUERADE
iptables -D DOCKER-USER -i $link -j ACCEPT
iptables -D DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT