Matthai Posted August 17, 2017 Share Posted August 17, 2017 I have OrangePi Zero and want to use it the following way: 1. OrangePi Zero is connected to internet via Wi-fi 2. on OrangePi's eth0 port is running DHCP server 3. I connect a computer to eth0 port on OrangePi, get IP address via DHCP and access to the internet So internet is provided to eth0 via wlan0. Now, I managed to install dnsmasq, and it is working. Basically my config (/etc/dnsmasq.conf) is: interface=eth0 listen-address=172.16.0.1 bind-interfaces addn-hosts=/etc/dnsmasq/hosts.conf dhcp-range=172.16.0.50,172.16.0.150,12h dhcp-leasefile=/var/lib/misc/dnsmasq.leases IP of eth0 on OrangePi Zero is: ifconfig eth0 Link encap:Ethernet HWaddr e6:a4:5a:d5:e5:0b inet addr:172.16.0.1 Bcast:172.16.0.255 Mask:255.255.255.0 inet6 addr: fe80::e4a4:5aff:fed5:e50b/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:3 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:238 (238.0 B) Interrupt:114 So, when I connect a computer to OrangePi's eth0 port, I get IP address 172.16.0.97 (on this external computer). I can ping OrangePi Zero (172.16.0.1), from OrangePi Zero I can ping this device (ping 172.16.0.97), however, IP forwarding is not working. I said: sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward" and also: sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT Still, IP forwarding does not work (while DHCP and ping works perfectly). Any idea what could be a problem? Link to comment Share on other sites More sharing options...
hkubota Posted August 17, 2017 Share Posted August 17, 2017 sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward" and also:sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADEsudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPTsudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT Still, IP forwarding does not work (while DHCP and ping works perfectly). Any idea what could be a problem?My guess: you got wlan0 and eth0 wrong for the iptables section.HaraldSent from my Nexus 9 using Tapatalk Link to comment Share on other sites More sharing options...
Matthai Posted August 17, 2017 Author Share Posted August 17, 2017 I don't think so. On some other device I set up Wifi access point. And I just "flipped" eth0/wlan0 from those settings (which in fact are working). Link to comment Share on other sites More sharing options...
Igor Posted August 18, 2017 Share Posted August 18, 2017 Here is my very similar but working configuration: wlan0 is connected to "the internet", eth0 and second wireless (currently not attached) are local networks, bridged to br0. Spoiler br0 Link encap:Ethernet HWaddr 02:8a:08:82:8f:3e inet addr:172.24.1.1 Bcast:172.24.1.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) eth0 Link encap:Ethernet HWaddr 02:8a:08:82:8f:3e UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:51 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:52 errors:0 dropped:0 overruns:0 frame:0 TX packets:52 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4698 (4.6 KB) TX bytes:4698 (4.6 KB) wlan0 Link encap:Ethernet HWaddr 00:22:f4:f2:fc:50 inet addr:172.16.100.183 Bcast:172.16.100.255 Mask:255.255.255.0 inet6 addr: fe80::92ab:2546:2ded:fb58/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:461 errors:0 dropped:0 overruns:0 frame:0 TX packets:421 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:38757 (38.7 KB) TX bytes:65293 (65.2 KB) /etc/rc.local and /etc/iptables.ipv4.wlan.nat Spoiler iptables-restore < /etc/iptables.ipv4.wlan.nat service dnsmasq restart # Generated by iptables-save v1.6.0 on Thu Jul 6 18:23:43 2017 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A FORWARD -i wlan0 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i br0 -o wlan0 -j ACCEPT COMMIT # Completed on Thu Jul 6 18:23:43 2017 # Generated by iptables-save v1.6.0 on Thu Jul 6 18:23:43 2017 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -o wlan0 -j MASQUERADE COMMIT # Completed on Thu Jul 6 18:23:43 2017 /etc/dnsmasq.conf Spoiler interface=br0 # Use interface wlan0 listen-address=172.24.1.1 # Explicitly specify the address to listen on bind-interfaces # Bind to the interface to make sure we aren't sending things elsewhere server=8.8.8.8 # Forward DNS requests to Google DNS domain-needed # Don't forward short names bogus-priv # Never forward addresses in the non-routed address spaces dhcp-range=172.24.1.50,172.24.1.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time I hope it helps. Link to comment Share on other sites More sharing options...
Recommended Posts