You are not logged in.

#1 2016-09-21 07:11:29

Stencon281
Member
Registered: 2016-09-21
Posts: 40

giving internet to an rpi3 via ethernet tether, from laptop wifi

My goal is to give my pi3 internet via wifi from the laptop it is connected to via ethernet cable. I have a so-so understanding of how networks work so I'm not sure if all I will need it iptables for this project. I'm using an rpi3 (using raspbian) set to a static-ip of 192.168.1.124 on boot, to ssh into it I set my laptop's static ip to 192.168.1.123 via

sudo ifconfig enp0s25 up 192.168.1.123

then log into the rpi3 with

putty -load rpi3

Arch ifconfig
http://sprunge.us/BPFF

Now I'm not so sure about what to do next, could use a little help!

Offline

#2 2016-09-21 10:09:21

ayekat
Member
Registered: 2011-01-17
Posts: 1,589

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

Welcome to the Arch Linux forums!

Have you read https://wiki.archlinux.org/index.php/Internet_sharing?

It essentially boils down to:

  • Enabling IP packet forwarding (sysctl, or manually in /proc/sys)

  • Setting up IP packet masquerading (with iptables or nftables)

  • Running a DHCP server (dnsmasq, ...) (you set your Pi's IP address manually, so there is no need for that)

Slightly offtopic questions: why use ifconfig instead of ip, and why use putty instead of simply ssh?

Last edited by ayekat (2016-09-21 12:34:46)


pkgshackscfgblag

Offline

#3 2016-09-21 18:54:46

Stencon281
Member
Registered: 2016-09-21
Posts: 40

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

ayekat wrote:

Welcome to the Arch Linux forums!

Have you read https://wiki.archlinux.org/index.php/Internet_sharing?

It essentially boils down to:

  • Enabling IP packet forwarding (sysctl, or manually in /proc/sys)

  • Setting up IP packet masquerading (with iptables or nftables)

  • Running a DHCP server (dnsmasq, ...) (you set your Pi's IP address manually, so there is no need for that)

Slightly offtopic questions: why use ifconfig instead of ip, and why use putty instead of simply ssh?

Yes, I have read that link and I wasn't sure if the enp0s25 device  (or is this an interface?) needed to be bridged with the wlp3s0 device for the rpi3 to receive internet. Also I would rather use DHCP server instead of a static IP so I could run this on brand new rpi3s by just enabling SSH on them. If I run

https://wiki.archlinux.org/index.php/dnsmasq

how would I be able to view the ip assigned to an rpi3 that is directly tethered to my laptop? Does the dhcpcd server have a base subnet of 192 and could it still detect a rpi3 that had a static of 10.X

Offline

#4 2016-09-22 06:41:50

ayekat
Member
Registered: 2011-01-17
Posts: 1,589

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

Stencon281 wrote:

I wasn't sure if the enp0s25 device  (or is this an interface?) needed to be bridged with the wlp3s0 device for the rpi3 to receive internet.

No, I'd suggest keeping the two networks separate rather than bridging.

If I run dnsmasq how would I be able to view the ip assigned to an rpi3 that is directly tethered to my laptop?

If you run dnsmasq as described in https://wiki.archlinux.org/index.php/Dn … rver_setup (and you set e.g. dhcp-range=172.16.0.1,172.16.0.2), you will need to assign an IP address to enp0s25 in that range (otherwise, dnsmasq will not react on DHCP requests).

/var/lib/misc/dnsmasq.leases should then usually contain all address leases that have currently been handed out to clients. You can also check the journal (dnsmasq usually prints useful info whenever a new client gets an address lease). If you know the Pi's network card's MAC address, you can also configure a static lease with something like dhcp-host=01:23:45:67:89:AB,172.16.0.2 to always assign 172.16.0.2 to your Pi.

Once your Pi gets an IP address, you need to configure your firewall to masquerade outgoing packets coming from your Pi, so that you don't send out packets with bogus source addresses to the outside world.


pkgshackscfgblag

Offline

#5 2016-09-25 08:11:18

Stencon281
Member
Registered: 2016-09-21
Posts: 40

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

ayekat wrote:
Stencon281 wrote:

I wasn't sure if the enp0s25 device  (or is this an interface?) needed to be bridged with the wlp3s0 device for the rpi3 to receive internet.

No, I'd suggest keeping the two networks separate rather than bridging.

If I run dnsmasq how would I be able to view the ip assigned to an rpi3 that is directly tethered to my laptop?

If you run dnsmasq as described in https://wiki.archlinux.org/index.php/Dn … rver_setup (and you set e.g. dhcp-range=172.16.0.1,172.16.0.2), you will need to assign an IP address to enp0s25 in that range (otherwise, dnsmasq will not react on DHCP requests).

/var/lib/misc/dnsmasq.leases should then usually contain all address leases that have currently been handed out to clients. You can also check the journal (dnsmasq usually prints useful info whenever a new client gets an address lease). If you know the Pi's network card's MAC address, you can also configure a static lease with something like dhcp-host=01:23:45:67:89:AB,172.16.0.2 to always assign 172.16.0.2 to your Pi.

Once your Pi gets an IP address, you need to configure your firewall to masquerade outgoing packets coming from your Pi, so that you don't send out packets with bogus source addresses to the outside world.

Would bridging enp0s25 and wlp3s0 make my laptop unable to use internet by chance?

Offline

#6 2016-09-25 09:58:14

Stencon281
Member
Registered: 2016-09-21
Posts: 40

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

ayekat wrote:
Stencon281 wrote:

I wasn't sure if the enp0s25 device  (or is this an interface?) needed to be bridged with the wlp3s0 device for the rpi3 to receive internet.

No, I'd suggest keeping the two networks separate rather than bridging.

If I run dnsmasq how would I be able to view the ip assigned to an rpi3 that is directly tethered to my laptop?

If you run dnsmasq as described in https://wiki.archlinux.org/index.php/Dn … rver_setup (and you set e.g. dhcp-range=172.16.0.1,172.16.0.2), you will need to assign an IP address to enp0s25 in that range (otherwise, dnsmasq will not react on DHCP requests).

/var/lib/misc/dnsmasq.leases should then usually contain all address leases that have currently been handed out to clients. You can also check the journal (dnsmasq usually prints useful info whenever a new client gets an address lease). If you know the Pi's network card's MAC address, you can also configure a static lease with something like dhcp-host=01:23:45:67:89:AB,172.16.0.2 to always assign 172.16.0.2 to your Pi.

Once your Pi gets an IP address, you need to configure your firewall to masquerade outgoing packets coming from your Pi, so that you don't send out packets with bogus source addresses to the outside world.

Thanks got it to work big_smile

FluxBB bbcode test

Offline

#7 2016-10-07 17:57:55

Stencon281
Member
Registered: 2016-09-21
Posts: 40

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

Whatever you do, do not have dhcpcd and dnsmasq running at the same time! I mistakenly did this and face palmed pretty hard when I realized I couldn't connect to my pi because of a conflict between dhcpcd and dnsmasq.

Offline

#8 2016-10-07 18:11:06

ayekat
Member
Registered: 2011-01-17
Posts: 1,589

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

I don't see an issue running dhcpcd on the Internet-facing network interface card (here wlp3s0).
And even running dhcpcd on the NIC facing the Pi (enp0s25) shouldn't cause any trouble - you will simply not get an IP address on that interface.

Last edited by ayekat (2016-10-07 18:11:36)


pkgshackscfgblag

Offline

#9 2016-10-07 18:47:35

Stencon281
Member
Registered: 2016-09-21
Posts: 40

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

ayekat wrote:

I don't see an issue running dhcpcd on the Internet-facing network interface card (here wlp3s0).
And even running dhcpcd on the NIC facing the Pi (enp0s25) shouldn't cause any trouble - you will simply not get an IP address on that interface.

I think this is probably very wrong, but it does work. Please let me know of a better way to do this.
Here's what I run to share internet to my pi3.

Here are the outputs of what was running after I ran the alias above and was able to ssh into the pi3.

systemctl --type=service

systemctl list-unit-files

Also, I think I found why I was unable to connect to my pi3 earlier when I had dhcpcd running on boot then running my pi3 script. Earlier, there were only ipv6 addresses being assigned but no ipv4s... at the very bottom of the /etc/dhcpcd.conf there's

slaac private
noipv4ll

Output of /etc/dhcpcd.conf

Last edited by Stencon281 (2016-10-08 02:07:32)

Offline

#10 2016-10-07 19:48:29

ayekat
Member
Registered: 2011-01-17
Posts: 1,589

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

Stencon281 wrote:
alias netshare='
		sudo ifconfig enp0s25 up 192.168.1.123
                sudo sysctl net.ipv4.conf.enp0s25.forwarding=1;
                sudo sysctl net.ipv4.conf.wlp3s0.forwarding=1;

	  	sudo iptables -t nat -A POSTROUTING -o wlp3s0 -j MASQUERADE;
      	  	sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT;
	  	sudo iptables -A FORWARD -i enp0s25 -o wlp3s0 -j ACCEPT
		sudo dnsmasq -C ~/zsh_files/network/dnsmasq.conf'

Depending on what's in ~/zsh_files/network/dnsmasq.conf, this looks fine to me (the rules for the FORWARD chain in iptables are only necessary if you drop/block packets by default).

Concerning the "style", I'd rather create a function than an alias (and also write a function that tears down the setup after use, to keep it "clean").
Also, ifconfig has been deprecated on Linux; your command would be

ip addr add 192.168.1.123/24 dev enp0s25

(note that I assume a network mask of /24 - YMMV)


pkgshackscfgblag

Offline

#11 2016-10-07 20:02:58

Stencon281
Member
Registered: 2016-09-21
Posts: 40

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

ayekat wrote:
Stencon281 wrote:
alias netshare='
		sudo ifconfig enp0s25 up 192.168.1.123
                sudo sysctl net.ipv4.conf.enp0s25.forwarding=1;
                sudo sysctl net.ipv4.conf.wlp3s0.forwarding=1;

	  	sudo iptables -t nat -A POSTROUTING -o wlp3s0 -j MASQUERADE;
      	  	sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT;
	  	sudo iptables -A FORWARD -i enp0s25 -o wlp3s0 -j ACCEPT
		sudo dnsmasq -C ~/zsh_files/network/dnsmasq.conf'

Depending on what's in ~/zsh_files/network/dnsmasq.conf, this looks fine to me (the rules for the FORWARD chain in iptables are only necessary if you drop/block packets by default).

Concerning the "style", I'd rather create a function than an alias (and also write a function that tears down the setup after use, to keep it "clean").
Also, ifconfig has been deprecated on Linux; your command would be

ip addr add 192.168.1.123/24 dev enp0s25

(note that I assume a network mask of /24 - YMMV)

Do you recommend the function be in a seperate file or is it ok to have a bunch of functions defined in the same zsh file?

dnsmasq.conf contents

Last edited by Stencon281 (2016-10-08 02:07:08)

Offline

#12 2016-10-07 22:46:22

ayekat
Member
Registered: 2011-01-17
Posts: 1,589

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

I don't know if you have noticed, but whenever you post a link, for some reason a rogue / slips in at the beginning, rendering your URLs unusable.
Also, you don't need to full-quote every post smile

Stencon281 wrote:

[...] in the same zsh file?

I don't know what you mean with that - is that "zsh file" your zshrc? Or is it a separate, executable script?
In any case I would put the two functions together, otherwise it might become a little cumbersome to maintain.

I would personally do something like this:

#!/bin/sh

if [ "$(id -u)" != '0' ]; then
    # error message that tells the user to run this script as root
    exit 2
fi

case "$1" in
    enable)
        # code that sets up network sharing
        ;;
    disable)
        # code that tears down network sharing
        ;;
    *)
        # some error message that tells the user what arguments are accepted
        exit 1
esac

Then place it somewhere where you keep your personal scripts (e.g. as ~/.local/bin/netshare, or ~/.scripts/netshare - just whatever is in your $PATH), and you can use it like

$ sudo netshare enable

and

$ sudo netshare disable

pkgshackscfgblag

Offline

#13 2016-10-07 23:49:16

Xyne
Administrator/PM
Registered: 2008-08-03
Posts: 6,963
Website

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

If you want a starting point for ayekat's approach, take a look at my related notes and scripts.


My Arch Linux StuffForum EtiquetteCommunity Ethos - Arch is not for everyone

Offline

#14 2016-10-08 02:12:21

Stencon281
Member
Registered: 2016-09-21
Posts: 40

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

ayekat wrote:

I don't know if you have noticed, but whenever you post a link, for some reason a rogue / slips in at the beginning, rendering your URLs unusable.
Also, you don't need to full-quote every post smile

Thanks for pointing that out, I found the problem and edited the posts where I had links.

Also, here's what my folder containing all my aliases / scripts look like. This should clarify what I meant earlier. I will be following the bash outline you mentioned above as well. Thanks!

http://i.imgur.com/vEFbO8p.png

modedit by Xyne: Please read our forum etiquette concerning images.

Last edited by Xyne (2016-10-08 13:42:46)

Offline

#15 2016-10-09 02:54:44

Stencon281
Member
Registered: 2016-09-21
Posts: 40

Re: giving internet to an rpi3 via ethernet tether, from laptop wifi

Sorry about that.

Offline

Board footer

Powered by FluxBB