This guide is for advanced users who want to build a WiFi bridge between the access point and the Ethernet port based on the Raspberry Pi board. Each step of the instruction must be followed carefully. Create backup copies of your work materials and files from the Raspberry Pi board, if necessary, before proceeding with the implementation guide.
First, you need to download the latest updates for the Raspberry Pi. Use the following commands for this:
sudo apt-get update
sudo apt-get upgrade
Next, you will need to run a server with DNS and DHCP services on the Raspberry Pi, which will allocate IP addresses to clients connected to the Ethernet port of the card. For this, we will use the dnsmasq program.
To install dnsmasq on a Raspberry Pi, use the following command:
sudo apt-get install dnsmasq
Be sure to connect to a working WiFi router using the icon in the upper right corner of the desktop or by editing the wpa_supplicant.conf file.
To edit the wpa_supplicant file, use the following command:
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
Fill in the file information about your WiFi connection, as shown below:
network={
ssid=”networkname”
psk=”networkpassword”
}
Make sure you have access to the Internet before going further.
Now edit the dhcpcd.conf file with the following command:
sudo nano /etc/dhcpcd.conf
Add the following information to the end of the file:
interface eth0
static ip_address=192.168.220.1/24
static routers=192.168.220.0
To restart the dhcpcd program use the command:
sudo service dhcpcd restart
Back up the dnsmasq program settings file with the command:
sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
Edit the file as follows:
sudo nano /etc/dnsmasq.conf
Add the following information to the file:
interface=eth0 # Use interface eth0
listen-address=192.168.220.1 # Specify the address to listen on
bind-interfaces # Bind to the interface
server=8.8.8.8 # Use Google DNS
domain-needed # Don’t forward short names
bogus-priv # Drop the non-routed address spaces.
dhcp-range=192.168.220.50,192.168.220.150,12h # IP range and lease time
Now you need to change the firewall settings of the RPI card with the command:
sudo nano /etc/sysctl.conf
In this file, uncomment the lines:
#net.ipv4.ip_forward=1
removal of the sign “lattice”
net.ipv4.ip_forward=1
Now we can activate the changes with the following command:
sudo sh -c “echo 1 > /proc/sys/net/ipv4/ip_forward”
Next, you need to enter new rules for the firewall through the iptables program, using the following three lines:
sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
sudo iptables -A FORWARD -i wlan0 -o eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
To save changes to firewall rules, use the command:
sudo sh -c “iptables-save > /etc/iptables.ipv4.nat”
In order for these changes to be applied at every reboot, you need to enable them in the startup script:
sudo nano /etc/rc.local
Before the line “exit 0” add the line:
iptables-restore < /etc/iptables.ipv4.nat
Now you can restart the dnsmasq program with the command:
sudo service dnsmasq start
Then restart the RPI board:
sudo reboot
We hope you have not turned your Raspberry Pi board into a brick 🙂 Ask your questions in the comments, we will try to answer each one!