Posted by Adam Niedzwiedzki on 27 February 2014
I wanted to setup my Raspberry Pi as a 4G router for my small home office. My internet connection is provided by a Telstra 4G Sierra Aircard 320U USB modem. I run Raspbian which is Debian wheezy, optimized for the Raspberry Pi. Once you Pi is up and running you will need install some packages.
sudo apt-get install isc-dhcp-server |
My setup has eth0 connected to my internal network. The beauty of the Sierra card when plugged in should automatically be detected and will appear as wwlan0. The first step is to edit /etc/network/interfaces.
sudo vi /etc/network/interfaces |
We want the internet facing NIC to get an address from our ISP via DHCP and our internal NIC to have a static address. I am using 10.0.10.0/24 as my internal subnet but you can use any subnet you like as long as it is RFC 1918 compliant. Keep in mind a /24 (255 addresses) is most always big enough for a home network. Here is what my /etc/network/interfaces file looks like. If you decide to change the internal subnet, you'll need to edit my addresses to suit your setup.
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.0.10.1
netmask 255.255.255.0
auto wlan0
iface wlan0 inet static
address 192.168.10.1
netmask 255.255.255.0
auto wwan0
iface wwan0 inet dhcp |
Save the file and restart networking (or reboot)
sudo /etc/init.d/networking restart |
Next I setup the DHCP server. Edit the DHCP server configuration file.
sudo vi /etc/dhcp/dhcpd.conf |
Edit your DHCP configuration to suit your needs here is mine.
ddns-update-style none;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.0.10.0 netmask 255.255.255.0 {
range 10.0.10.90 10.0.10.100;
option broadcast-address 10.0.10.255;
option routers 10.0.10.1;
default-lease-time 600;
max-lease-time 7200;
option domain-name "genisx";
option domain-name-servers 8.8.8.8;
interface eth0;
}
subnet 192.168.10.0 netmask 255.255.255.0 {
range 192.168.10.90 192.168.10.100;
option domain-name-servers 8.8.8.8;
option routers 192.168.10.1;
interface wlan0;
} |
I have 2 subnets setup, 1 to handle my internal network via eth0, and another for my wireless clients (I have my Raspberry Pi setup as a WiFi Access Point). Save the file and restart the DHCP service.
sudo /etc/init.d/isc-dhcp-server restart |
You should recieve two ok messages.
[ ok ] Stopping ISC DHCP server: dhcpd.
[ ok ] Starting ISC DHCP server: dhcpd. |
At this point you should be able to access your pi and receive an IP address via dhcp for any devices on your internal network. However, you won't be able to get any further on the network than your Pi itself. To solve this, we need to enable IP forwarding.
sudo echo 1 > /proc/sys/net/ipv4/ip_forward |
Next edit /etc/sysctl.conf and uncomment out the line that says net.ipv4.ip_forward = 1.
sudo nano /etc/sysctl.conf |
# Uncomment the next line to enable packet forwarding for IPv4
Save the file. The final step is to insert an iptables rule to allow NAT.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE |
The iptables rules for nat we inserted above are not persistent and if you reboot they will be overridden by the default configuration (nothing). We can fix this by saving the rules and creating a little script to restore them as the network interfaces come up during boot. First, save your iptables rules to a file.
sudo iptables-save > /etc/iptables.up.rules |
Next create a script in /etc/network/if-pre-up.d/ with the following contents:
sudo vi /etc/network/if-pre-up.d/iptables |
#!/bin/sh
#This script restores iptables upon reboot
iptables-restore < /etc/iptables.up.rules
exit 0 |
Change ownership and permissions of the script so it will run at boot.
sudo chown root:root /etc/network/if-pre-up.d/iptables \
&& sudo chmod +x /etc/network/if-pre-up.d/iptables \
&& sudo chmod 755 /etc/network/if-pre-up.d/iptables |
Voila. You can now reboot and your iptables rules will stay persistent.