N6XRE DokuWiki

This is an old revision of the document!


ZFS - Firewalls

1. Raspbian

2. Raspbian

3. Amazon Alexa on a Raspberry Pi

4. HEADLESS RASPBERRY PI 3 B+ SSH WIFI SETUP

5. Raspberry Pi 4 as a Network Router

Top
https://youtu.be/owxOAZAp00Y

Top
https://github.com/garyexplains/examples/blob/master/raspberry_pi_router.md

@garyexplains garyexplains Update raspberry_pi_router.md
98a9f21 on Nov 21, 2019
139 lines (108 sloc)  4.07 KB
 
Assumption
You have Raspian installed on your Pi and that its primary LAN (eth0) is 
configured to use DHCP. It will likely get its address information from 
your Internet modem/routers. I assume you can connect to it over eth0.

Install dnsmasq
From the command line, run sudo apt install dnsmasq to install dnsmasq. 
Stop it, for now, with sudo systemctl stop dnsmasq

Static IP for eth1
Now set a static IP address for the second ethernet connection (eth1). 
Edit /etc/dhcpcd.conf with sudo nano /etc/dhcpcd.conf. Go to the end of 
the file and edit it so that it looks like the following:

interface eth1
    static ip_address=192.168.7.1/24
Configure dnsmasq
Discard the old conf file and create a new configuration:

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
sudo nano /etc/dnsmasq.conf
Add these lines:

interface=eth1
dhcp-range=192.168.7.100,192.168.7.120,255.255.255.0,24h
This will define a new DHCP range 192.168.7.x which will be administered 
by the Pi via eth1.

Now start dnsmasq with sudo systemctl start dnsmasq

Note
To see clients connected to eth1 use cat /var/lib/misc/dnsmasq.leases

The output will be something like

574256399 00:10:a7:0c:a2:c1 192.168.7.109 rpi3a 01:00:10:a7:0c:a2:c1
IP forwarding
Edit /etc/sysctl.conf with sudo nano /etc/sysctl.conf and this add line 
(for persistence)

net.ipv4.ip_forward=1
Activate forwarding now with sudo sysctl -w net.ipv4.ip_forward=1

Add a masquerade for outbound traffic on eth0

sudo iptables -t nat -A  POSTROUTING -o eth0 -j MASQUERADE
Save the iptables rule.

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"
Edit /etc/rc.local with sudo nano /etc/rc.local and add this just 
above "exit 0" to install these rules on boot.

iptables-restore < /etc/iptables.ipv4.nat
Now the router is working. Connect a wired device to the eth1 network. 
From that device you will have access to the network attached to 
eth0 and eth1 and if eth0's network has Internet, you will get 
Internet access as well.

Now add a third network over Wi-Fi!

Static IP for wlan0
Now set a static IP address for the Wi-Fi (wlan0). Edit 
/etc/dhcpcd.conf with sudo nano /etc/dhcpcd.conf. Go to the end of 
the file and add these lines:

interface wlan0
    static ip_address=192.168.17.1/24
    nohook wpa_supplicant
This will give it a static address of 192.168.17.1

Now restart the DHCP server with sudo service dhcpcd restart

Install hostapd
sudo apt install hostapd
sudo systemctl stop hostapd
Edit the dnsmasq.conf file with sudo nano /etc/dnsmasq.conf and add

interface=wlan0
dhcp-range=192.168.17.100,192.168.17.120,255.255.255.0,24h
Reload the configuration file with sudo systemctl reload dnsmasq

Configure hostapd
To use the 5 GHz band, you can change the operations mode from 
hw_mode=g to hw_mode=a. Possible values for hw_mode are:

a = IEEE 802.11a (5 GHz)
b = IEEE 802.11b (2.4 GHz)
g = IEEE 802.11g (2.4 GHz)
Edit sudo nano /etc/hostapd/hostapd.conf and add these line:

interface=wlan0
driver=nl80211
ssid=PiNet
hw_mode=g
channel=7
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=raspberry
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
PiNet will be the network SSID and the password will be raspberry. 
Change accordingly.

We now need to tell the system where to find this configuration file.

Edit this file sudo nano /etc/default/hostapd and find the line with 
#DAEMON_CONF, and replace it with this:

DAEMON_CONF="/etc/hostapd/hostapd.conf"
Now enable and start hostapd:

sudo systemctl unmask hostapd
sudo systemctl enable hostapd
sudo systemctl start hostapd
You will now have a PiNet Wi-Fi network which has access to the 
network on eth0

General note
If things aren't working as expected after you configured routing with 
eth1 or after you added Wi-Fi support, then a good old fashioned reboot 
will likely fix the problem. Or in the words of the TV show 'IT Crowd', 
"Have you tried turning it off and on again?"

6. My Favourite iPad Pro Accessory: The Raspberry Pi 4

Top
https://youtu.be/IR6sDcKo3V8

Top
Mobile Raspberry Pi with ANY iPad. No USB-C needed.
https://youtu.be/YbvSS8MJm2s

Following on my from earlier video about pairing the Raspberry Pi 4
with the iPad Pro over USB-C, this video show how to pair any iPad
(or iPhone, or Android tablet) with a Pi4 or a Pi3 over WiFi.

Not only that, but this solution solves the problem of how to charge
the iPad while using the Pi, and provides a really nice interface for
working with WiFi while on the go.

TIMESTAMPS:
============

1:35 - What you'll need
3:43 - Install a fresh Raspberry Pi
6:29 - Update all Raspbian packages
6:55 - Install RaspAp
14:00 - Test it out!

USEFUL LINKS and FIXES:

RaspAp Home Page: https://raspap.com/
RaspAp FAQ: https://github.com/billz/raspap-webgui/wiki/FAQs
Run the RaspAp Quick Installer with `curl -sL https://install.raspap.com | bash`.

Fix the issue preventing WiFi scanning from working with
`sudo wpa_supplicant -B -Dnl80211,wext -c/etc/wpa_supplicant/wpa_supplicant.conf -iwlan0`.

Make sure that the `dhcp-range` configuration in dnsmasq.conf
looks like this: `dhcp-range=192.168.50.50,192.168.50.150,12h`
Top
raspap-webgui
https://raspap.com/

7. Raspberry Pi Python Adventures - ZFS

8. Exploring Docker playlist

9. Pi Server based on Docker, with VPN remote access, Dropbox backup, Influx, Grafana, etc.

Top
https://youtu.be/a6mjt8tWUws

Links:
Software and instructions: https://github.com/gcgarner/IOTstack
Installation of PiVPN: https://youtu.be/15VjDVCISj0
SD card reader for Raspberry: http://s.click.aliexpress.com/e/BOuB2Gxq
Used cooler for RPi 4: http://bit.ly/2V4DYyd

10. Set Up an Ethical Hacking Kali Linux Kit on the Raspberry Pi 3 B+ [Tutorial]

11. Execute script on start-up

12. How to use Raspberry Pi as a wireless router with firewall?

13. Edje Electronics channel - TensorFlow-Lite On Pi

14. /dev/video0 missing

15. Streaming Torrents with peerflix on Raspberry Pi

Top
https://youtu.be/DVV8AsQLUlA

Streaming torrents on raspberry pi like popcornflix buttt better!!
○○○ LINKS ○○○

private internet access VPN ► https://www.privateinternetaccess.com/pages/buy-vpn/

raspberry pi 4 ► https://amzn.to/2oOHdhi

peerflix ► https://github.com/mafintosh/peerflix

cast now ► https://github.com/xat/castnow

popcorn ► https://github.com/popcorn-time


16. Boot a Raspberry Pi4 with an SSD to make it reliable and fast

17. Redis

18. MANET

19. BIRD Internet Routing Daemon

20. PiVPN : How to Run a VPN Server on a $35 Raspberry Pi!

Top
PiVPN : How to Run a VPN Server on a $35 Raspberry Pi!
https://youtu.be/15VjDVCISj0

LINKS:
PiVPN Project: http://www.pivpn.io/

OpenVPN Windows Client:
https://openvpn.net/community-downloads/

Tunnelblick (Mac client):
https://tunnelblick.net/downloads.html

VIDEO INDEX:
02:08 - Setting up PiVPN
03:55 - Setting up static local IP address
06:37 - Assigning port number
07:58 - Setting up dynamic dns (DDNS)
09:01 - Dynamic DNS services
13:38 - Creating PiVPN users
14:13 - OVPN user configuration file
16:41 - Configuring Windows Client
18:44 - Router port forwarding
20:03 - Connecting to the VPN on Windows
22:20 - Connecting to the VPN on Android
25:11 - Connecting to the VPN on iOS
25:56 - Connecting to the VPN on Mac
27:13 - Overall VPN Performance
29:45 - Managing Users on VPN
30:52 - Final Thoughts
31:49 - PiVPN works on PCs too
Top
How to connect to Access Server from a Linux computer
https://openvpn.net/vpn-server-resources/how-to-connect-to-access-server-from-a-linux-computer/
How_To_Connect_to_Access_Server_from a_Linux_computer_OpenVPN.pdf


Top
Simple OpenVPN connection setup on Ubuntu 18.04 Bionic Beaver Linux
https://linuxconfig.org/simple-openvpn-connection-setup-on-ubuntu-18-04-bionic-beaver-linux

QR Code
QR Code raspberry_pi (generated for current page)