LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   Sharing Wireless Internet (http://www.linuxquestions.org/questions/slackware-14/sharing-wireless-internet-4175459367/)

bmarley83 04-23-2013 09:44 PM

Sharing Wireless Internet
 
Hello! I've been scouring the internet for answers to this question and have come up with nothing that works for me at all. I'm running Slackware 14 x64 multilib and all I want to do is share my wireless internet to my On board Nic with dhcp so that the router connected to my On board Nic will be able to broadcast that internet to my neighbors through wireless. I was using wicd for internet and trying to configure this and failed many, many times :( . Using Network Manager, I was able to get it to work with its built in sharing usage, but for the same reasons I stopped using it in the first place I have disabled it again, because of latency, or in some cases completely dropped connections. So, in short, can anyone please explain to me how to setup nat to share wlan0 with eth0 using dchp with wicd as my wireless connection client without me pulling the rest of the hair out of my head and setting it on fire? My appreciation would be beyond measure.

Erik_FL 04-23-2013 11:31 PM

I'm a little confused about what exactly you are trying to do. Let me ask a few questions.

How many routers are you using, one or two? Is the on-board NIC wired or wireless? Is the on-board NIC connected to your broadband router? Is your main broadband router wired or wireless? Do you have a second wired or wireless network interface on the computer?

You only need one NAT/DHCP router. If you are just trying to convert a wired LAN to a wireless LAN then you can do that by bridging rather than doing routing with the computer.

For example, if your main broadband router is not wireless, but you want to add a wireless router as an access point for your neighbors do something like this.

(broadband)<--->WAN[WIRED-ROUTER]LAN<===>LAN[WIRELESS-ROUTER]WIFI...WIFI[Neighbor-PC]

With the above setup you want to disable DHCP on the wireless router and set the wireless router to an unused IP address (different from the wired router). You don't connect the WAN port on the wireless router. You should also reserve the wireless router's IP address in the wired router's DHCP static assignment table. Your neighbor's PC will get its IP address from the wired router via DHCP.

If you have a wireless router connected to your broadband then you don't need to add anything.

(broadband)<--->WAN[WIRELESS-ROUTER]WIFI...WIFI[Neighbor-PC]

If you don't have a wireless router, but you do have a wireless adapter in the computer then you can bridge the wired and wireless adapters in the computer.

(broadband)<--->WAN[WIRED-ROUTER]LAN<===>LAN[COMPUTER]WIFI...WIFI[Neighbor-PC]

The trick with the above configuration is that you have to connect using "ad-hoc" wifi mode on both computers. That allows two wireless clients to connect directly and doesn't use a wireless access point. Your neighbor's PC will get its IP address from the wired router via DHCP.

In Linux you have to set up a network bridge between the two interfaces.

Code:

#!/bin/sh
#
# /etc/rc.d/rc.bridge
#
# Script to set up Ethernet bridge
#

return=$rc_done
case "$1" in

    start)
        echo "Starting bridge br0"  ||  return=$rc_failed
        /sbin/modprobe tun  ||  return=$rc_failed
        dhcpcd -k -o eth0
        ifconfig eth0 0.0.0.0 ||  return=$rc_failed
        dhcpcd -k -o wlan0
        ifconfig wlan0 0.0.0.0 ||  return=$rc_failed
        brctl addbr br0  ||  return=$rc_failed
        brctl addif br0 eth0  ||  return=$rc_failed
        brctl addif br0 wlan0  ||  return=$rc_failed
        ifconfig br0 up  ||  return=$rc_failed
        dhcpcd -t 30 br0  ||  return=$rc_failed
        echo -e "$return"
        ;;

    stop)
        echo "Stopping bridge br0"  ||  return=$rc_failed
        dhcpcd -k -o br0
        ifconfig br0 down
        brctl delif br0 wlan0  ||  return=$rc_failed
        brctl delif br0 eth0  ||  return=$rc_failed
        brctl delbr br0  ||  return=$rc_failed
        ifconfig eth0 up  ||  return=$rc_failed
        dhcpcd -t 30 eth0  ||  return=$rc_failed
        echo -e "$return"
        ;;

    status)
        ifconfig br0
        brctl show br0
        ;;

    restart)
        $0 stop && $0 start || return=$rc_failed
        ;;

    *)
        echo "Usage: $0 {start|stop|status|restart}"
        exit 1
esac

test "$return" = "$rc_done" || exit 1
exit 0

Make sure that your kernel supports bridging and the tunneling driver.

I've never set up a NAT router on Linux, but that is done using "iptables". You only need to do that if you have absolutely no other router between your Linux computer and the Wide Area Network. For example, if your Linux computer is connected via a cable modem, DSL modem, dial-up or a cellular Internet service (with no router).

(broadband)<--->[MODEM]LAN<===>LAN[COMPUTER{NAT/DHCP/DNS}]WIFI...WIFI[Neighbor-PC]

In addition to NAT, you need a DHCP server on the wireless interface. You will probably want a DNS relay or DNS server on the wireless interface. You can do without a DHCP and DNS server if your neighbor manually configures their IP address, gateway and DNS server. The gateway has to be the Linux computer's WIFI IP address. The DNS server has to be the real WAN DNS server if you don't run one on the Linux computer.

The difference between a DNS proxy/relay and a DNS server is this. A DNS proxy/relay just forwards DNS requests to the real DNS server on the WAN. DNS proxy/relay does not allow names to be registered for computers on your LAN or WIFI. A DNS server also caches information, so it can speed up name resolution. Some relay/proxy software can do caching but it still does not support local name registration.

Often cable or DSL "modems" have built-in routers, and you don't need NAT on your Linux computer if the modem has a built-in router.

(broadband)<--->[MODEM/ROUTER]LAN<===>LAN[COMPUTER]WIFI...WIFI[Neighbor-PC]

- or -

(broadband)<--->[MODEM/ROUTER]LAN<===>LAN[WIRELESS-ROUTER]WIFI...WIFI[Neighbor-PC]

You can use your Linux computer as a second NAT router to keep your neighbors off your LAN.

(broadband)<--->WAN[WIRED-ROUTER]LAN<===>LAN[COMPUTER{NAT/DHCP/DNS}]WIFI...WIFI[Neighbor-PC]

The above setup has its problems. Any ports that need to be forwarded for your neighbors have to be forwarded through both NAT routers, on the computer and on the broadband router. By using bridging you avoid that problem and also allow your neighbors' computers to forward ports through the broadband router with UPnP.

So, to summarize if you have two routers, wired and wireless then you don't need to involve your PC at all. If you have one wired router, you can use your PC as a bridge between wired and wireless. If you have no routers at all then you need to do the NAT on the computer using "iptables".

EDIT NOTE: You will have to search for examples of how to connect ad-hoc using "wicd". It also appears that there may be a bug in some versions of "wicd" that makes ad-hoc connections difficult.

bmarley83 04-24-2013 01:26 AM

Okay thank you for the response Erik_FL and please let me clarify. I have a usb wifi card that I use to connect to a local "coffee shop" that has open wireless :) . I also have a built in Ethernet port and a wireless router connected to it through the wan port. I was able to serve wireless to a friend in my building this way through network manager's easy to configure interface. But its not ideal and I'd also like to learn how to do this manually, because I am a networking tech. major in college, without using network manager. So I want to use nat with dhcp to serve the address to the router that is configured for dynamic ip address resolution for its internet config through the wan port on the router without network manager.

NeoMetal 04-24-2013 09:01 AM

Generally speaking there are two main things:

One, tell the kernel to enable ipv4 forwarding, in Slack there should be a /etc/rc.d/rc.ip_forward that you make executable (and just run)

Two, set up an iptables rule to do the translation, something along the lines of:

iptables --table nat --append POSTROUTING --out-interface wlan0 -j SNAT
iptables --append FORWARD --in-interface eth0 -j ACCEPT

(but double check the actual rules)

schneidz 04-24-2013 09:54 AM

this is what i do:
http://www.linuxquestions.org/questi...6/#post3804866

Erik_FL 04-24-2013 01:40 PM

Quote:

Originally Posted by bmarley83 (Post 4937744)
Okay thank you for the response Erik_FL and please let me clarify. I have a usb wifi card that I use to connect to a local "coffee shop" that has open wireless :) . I also have a built in Ethernet port and a wireless router connected to it through the wan port. I was able to serve wireless to a friend in my building this way through network manager's easy to configure interface. But its not ideal and I'd also like to learn how to do this manually, because I am a networking tech. major in college, without using network manager. So I want to use nat with dhcp to serve the address to the router that is configured for dynamic ip address resolution for its internet config through the wan port on the router without network manager.

I think this is basically what you are trying to do.

[HOT-SPOT{NAT}]WIFI...WIFI[COMPUTER{NAT}]LAN<==>WAN[WIRELESS-ROUTER{NAT}]WIFI...WIFI[NEIGHBOR-COMPUTER]

That will put three NAT routers between your neighbor's computer and the Internet. Things like FTP and Windows Update probably won't work well but it should allow access to the Internet. I understand that you want to set up the NAT router on Linux partly as a learning experience.

Here is an alternative that may work better. It doesn't require setting up a NAT router, or using the WAN port on the wireless router.

[HOT-SPOT{NAT}]WIFI...WIFI[COMPUTER{bridge}]LAN<==>LAN[WIRELESS-ROUTER]WIFI...WIFI[NEIGHBOR-COMPUTER]

Your neighbor's computer will appear to be talking directly to the hot-spot, though it will use your router's SSID, pass-phrase and encryption. That uses just the NAT in the hot-spot and your neighbor's computer will request an IP address directly from the hot-spot.

Here's the post that schneidz wrote with the details of setting up NAT.

Quote:

Originally Posted by schneidz (Post 3804866)
here's the final score:
eth0 is my ethernet card connected to my blu-ray player via crossover cable (i also tried with a regular cat-5 cable and it worked just the same).
eth1 is my wifi adapter connected to my netgear router upstairs.

i ran:
Code:

/sbin/ifconfig eth0 192.168.10.101 netmask 255.255.255.0 broadcast 192.168.10.255
  iptables --flush           
  iptables --table nat --flush
  iptables --delete-chain   
  iptables --table nat --delete-chain
  iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
  iptables --append FORWARD --in-interface eth0 -j ACCEPT
  echo 1 > /proc/sys/net/ipv4/ip_forward
route add  -net 192.168.10.0  netmask 255.255.255.0 gw 192.168.5.1 dev eth0

on the fedora laptop.
and then put in the settings for my blu-ray player:
ip: 192.168.10.105
netmask: 255.255.255.0
gateway: 192.168.10.101
dns: 192.168.5.1 (my netgear router)

done,

Thanks, schneidz for the very concise answer to setting up NAT on Linux using "iptables". That was helpful for me, since I've never done that and wondered what was required.

Erik_FL 04-24-2013 02:25 PM

Quote:

Originally Posted by schneidz (Post 3804866)
here's the final score:
Code:

route add  -net 192.168.10.0  netmask 255.255.255.0 gw 192.168.5.1 dev eth0

I have a question about the above route. Why is it associated with "eth0"? Shouldn't the gateway be reachable on the specified network interface, "dev eth0"? If the address of "eth0" is 192.168.10.101/255.255.255.0 how is the gateway 192.168.5.1 reachable through the "eth0" network interface?

Why is the route not one of these?

Code:

route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.5.1
route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.5.1 dev eth1
route add -net 192.168.10.0 netmask 255.255.255.0 dev eth0

The last route is the usual way to add a route for a network interface, which perhaps is not correct in this case because 192.168.10.0 must be reached through NAT. The first two are how I thought one would route all packets for 192.168.10.0 through NAT.

In your example, which network is the sub-network? Is "eth0" a sub-network of "eth1", or is "eth1" a sub-network of "eth0"?

schneidz 04-24-2013 03:05 PM

i'm really not sure... i was just experimenting until i came across something that worx -- eth0 is the subnet.

chrissi29 04-24-2013 04:04 PM

Hello Erik,

although this suggestion is not slackware related, it might also be helpful:
What about using your wifi router as a wireless bridge? Many inexpensive routers can be flashed with alternative firmware to make this possible.
Search for dd-wrt or open-wrt for example.
For me it's working for already three years with a "La Fonera" router.

Greets, Chris

Erik_FL 04-24-2013 07:14 PM

Quote:

Originally Posted by chrissi29 (Post 4938207)
Hello Erik,

although this suggestion is not slackware related, it might also be helpful:
What about using your wifi router as a wireless bridge? Many inexpensive routers can be flashed with alternative firmware to make this possible.
Search for dd-wrt or open-wrt for example.
For me it's working for already three years with a "La Fonera" router.

Greets, Chris

Chris, I'm not the original poster of the thread, but it is a good suggestion.

Most routers will work as a wireless bridge server (access point) without special firmware. Just connect a LAN port of the wireless router to the network and don't use the WAN port. Then disable DHCP on the wireless router so that there aren't two DHCP servers on the network.

Special firmware is only needed to use a router as a wireless bridge client. The main reasons for doing that are if the client PC has no wireless adapter, or multiple computers in one area must be connected as wireless clients.

Special firmware is also required to make a router into a wireless-to-wireless repeater. I've actually set my Linksys router up as a 2Gb to 5Gb wireless-to-wireless repeater using the Tomato firmware. It's not very common to see wireless routers that support multiple wireless networks. So, most routers can't be turned into a repeater. The repeater function only works one-way because it is necessary to choose which wireless network will be the bridged "client".

chrissi29 04-25-2013 02:36 AM

Hello Erik,


Quote:

Most routers will work as a wireless bridge server (access point) without special firmware. Just connect a LAN port of the wireless router to the network and don't use the WAN port. Then disable DHCP on the wireless router so that there aren't two DHCP servers on the network.
Sorry, I used the term "wireless bridge" in the wrong context. What bmarley83 wanted, was essentially to repeat the signal of a free wireless AP?!
Probably what you wanted to say is, that some routers with stock firmware can be used as wireless clients to connect to other wifi APs and bridge that to the (cabled) subnet.

An overview for different linking techniques can be found on http://www.dd-wrt.com/wiki/index.php..._Client_Bridge

Code:

Special firmware is also required to make a router into a wireless-to-wireless repeater.
I've actually set my Linksys router up as a 2Gb to 5Gb wireless-to-wireless repeater using the Tomato firmware.
It's not very common to see wireless routers that support multiple wireless networks. So, most routers can't be turned into a repeater. T
he repeater function only works one-way because it is necessary to choose which wireless network will be the bridged "client".

...there are many routers out there, which are capable of wireless repeating, in same or different subnets.

See for example http://www.dd-wrt.com/wiki/index.php/Supported_Devices.


All times are GMT -5. The time now is 07:30 AM.