Hi everyone, after digging deep through the web for the last two days, with sleepless nights,
I need some help and clarification.
I have years of experience with Linux; however, I'm surely not a network expert.
I have more than 22 PCs/devices in my home network, some are LAN, others are WLAN, with a lot of traffic - as no private consumer-grade router was ever satisfying my needs, I have decided to build my own enterprise-grade router and throw my ac1750 to the sharks.
I had some good old Core i5 PC with 4 GB of RAM and an SSD (I'm using it as an HTPC as well), two Ethernet LAN and one WiFi USB adapter which is working in master mode, where other AP will spread the signal to the rest of the house - this is my setup:
ppp0 > Connected Through eth0
eth0 > Connected to VDSL Modem with pppoe dialer
eth1 > Connected to LAN HUB, using dnsmasq for DHCP and DNS and having NAT to ppp0 with iptables
Everything works properly, and now I would like to add:
wlan0 > should be used as AP; wireless devices should talk with LAN devices connected to eth1, using hostapd (it works with my WiFi driver).
To make a long story short, I've been thinking of adding br0, which will bridge eth1 and wlan0 and have NAT to ppp0; however, I've read that bridging WLAN and LAN is not possible (I could see some hacks with MAC spoofing, I don't want to use this approach).
I've also tried assigning wlan0 to the same subnet as eth1, and could see that having two networks in the same subnet is not acceptable. I also got a deadlock and decided to abandon this approach.
This is my /etc/network/interfaces:
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.rules
#eth0 connected to vDsl modem for generating ppp0
allow-hotplug eth0
iface eth0 inet dhcp
#eth1 home network
allow-hotplug eth1
iface eth1 inet static
address 10.0.0.138
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
#ppp0 pppoe dialer
auto dsl-provider
iface dsl-provider inet ppp
pre-up /bin/ip link set eth0 up # line maintained by pppoeconf
provider dsl-provider
These are my iptables rules:
*nat
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -j DROP
COMMIT
This is my dnsmasq.conf:
interface=eth1
listen-address=127.0.0.1
domain=home.local
dhcp-range=10.0.0.100,10.0.0.199,12h
What is the best practice to handle wlan0 AP in this setup?
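
A check on the ruleset posted above, as an added example that is not part of the original post: it parses the iptables-restore text and lists interfaces that traffic is masqueraded out of but on which no INPUT policy or per-interface rule drops packets (with PPPoE, packets from the provider arrive on ppp0, not eth0). Treating the MASQUERADE `-o` interface as the WAN side is an assumption, the function names are made up for this example, and rule order and non-interface matches are not evaluated.

```python
import shlex

# Ruleset as posted above, in iptables-restore format.
POSTED = """\
*nat
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -j DROP
COMMIT
"""

def parse(text):
    """Return (policies, rules); rules are (table, chain, opts) per -A line."""
    table, policies, rules = None, {}, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith(":"):              # e.g. ":INPUT DROP [0:0]"
            chain, policy = line[1:].split()[:2]
            policies[(table, chain)] = policy
        elif line.startswith("-A "):
            tok, opts = shlex.split(line), {}
            for i in range(2, len(tok) - 1):
                if tok[i] in ("-i", "-o", "-j"):
                    # "! -i eth1" is stored under "!-i" so negation is not lost
                    key = "!" + tok[i] if tok[i - 1] == "!" else tok[i]
                    opts[key] = tok[i + 1]
            rules.append((table, tok[1], opts))
    return policies, rules

def blocks(opts, iface):
    """True if a DROP/REJECT rule's interface match applies to iface."""
    if opts.get("-j") not in ("DROP", "REJECT"):
        return False
    return opts.get("-i") == iface or ("!-i" in opts and opts["!-i"] != iface)

def unfiltered_wan(text):
    """WAN interfaces (assumed: -o of each MASQUERADE rule) with no INPUT drop."""
    policies, rules = parse(text)
    if policies.get(("filter", "INPUT")) == "DROP":
        return []                               # default-deny covers every interface
    wan = {o["-o"] for t, c, o in rules if t == "nat" and c == "POSTROUTING"
           and o.get("-j") == "MASQUERADE" and "-o" in o}
    inp = [o for t, c, o in rules if t == "filter" and c == "INPUT"]
    return sorted(w for w in wan if not any(blocks(o, w) for o in inp))

if __name__ == "__main__":
    print(unfiltered_wan(POSTED))
```

The same check can be rerun after wlan0 or br0 is added to the ruleset, since a new interface changes which `-i` matches are needed.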