Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Saturday, 14 July 2018 13:33:21 BST Ralph Corderoy wrote:
> Have you read
> https://nodogsplash.readthedocs.io/en/latest/howitworks.html ?

Well I did, but it was some time ago and I only understood a small part of it.

> As I said a long time ago, you can let nodog set things up and should
> then me able to peer at what it's done with `sudo -i iptables -vL'.

Thanks, but it seems to be working OK now.  I read the comments in 
nodogsplash.conf and was able to arrange it so the Android devices got to see 
the Internet prior to authentication, before locking things down again, post 
authentication.  The good news is that on the phones that I have here Android 
no longer suppresses the 4G connection as it did (that may be a feature of an 
old version of Android, both my wife and myself have new phones now).

I've spent a bit of time sorting out the sizing of objects in the various 
browsers that I have access to here.  Tomorrow, I intend to carry out a trial 
deployment at the WMT and another volunteer is bring me a clutch of Apple kit 
to test it against.  The problem is that I can't really install it until the 
end of the WMT opening hours, because I will need to power down the PoS 
equipment to plug in the Powerline adaptor at the Office Router end (there are 
simply no free sockets).

If all that works OK, then I'll leave it there.  If not, I'll come back for 
another go ;-)

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> 1.  If the nodogsplash webserver is serving the WMT content pages; how
> does it manage that?
>
> The Splash Page is located at /etc/nodogsplash/htdocs, which is the
> default location.  The WMT content is at /var/www/html, which is the
> default location for nginx.  The nodogsplash config file points the
> webserver at the Splash Page for the initial signin and the redirects
> to WMT-Guest.com.
>
> The nginx config file includes 'sites-enabled' and a file called
> WMT-Guest is located in 'sites-available'  This is then linked to
> 'sites-enabled'.  The Pi is set up to be a DNS Server, which simply
> says that the page WMT-Guest.com may be found at the IP Address of the
> Pi (192.168.0.1).  All this has worked well since the Webserver was
> installed in March 2017.  The only problem has been the Android issue.
>
> 2.  A repeat of question 1. really; when the browser surfs to 192.168.0.1 how 
> does it know to get the content from nginx and not the nodogsplash web server?
>
> My understanding is that you can run two webservers at the same IP Address 
> providing that they use different ports.  nodogsplash is using the default 
> port 2050 and nginx is using port 80.  So that ought to work, but I'm still 
> not sure how the content gets to the browser if the nodogsplash webserver is 
> serving it since it won't be reading the nginx config file.

Have you read
https://nodogsplash.readthedocs.io/en/latest/howitworks.html ?

You're right, only one program may listen on a particular TCP socket at
a time for incoming connections to accept, and nginx is listening on the
port 80, HTTP, with nodogsplash listening on port 2050.  The visitor's
browser tries to connect to port 80, not knowing nodog exists.

`sudo -i lsof -ni' will show what programs are currently listening.
It's a variation of «netstat -tl»'s output.

An incoming packet passes through the kernel before being arriving at
the program listen on the destination port for that packet.  Part of the
kernel is the packet filter, which can be inspected and manipulated with
iptables(8).  nodog modifies the filter's configuration as described on
its `how it works' page.  Packets arriving for port 80 are sometimes
passed to port 2050 instead, thus nodog get first dibs.  Once it's
happy, it arranges for the redirection of future packets to cease and so
the approved visitor talks directly to nginx from then on.  nginx is
unaware of nodog's pilfering.  nodog has no part in nginx's serving of
the pucker web site.

As I said a long time ago, you can let nodog set things up and should
then me able to peer at what it's done with `sudo -i iptables -vL'.

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Patrick Wigmore]

On Thu, 12 Jul 2018 07:14:05 +0100, Terry Coles wrote:
> > Given enough time to detect the captive portal, Windows 7 pops up
> > a
> > balloon from the taskbar suggesting that "Additional log on
> > information may be required", which opens a browser when clicked.
> 
> Have you installed nodogsplash?  Just wondering how you know.

My main experience in this case is of a Three pay-as-you-go mobile 
broadband connection. When the credit runs out, the network activates 
a captive portal, which redirects to a message saying you've run out 
of credit and need to top up your account. This triggers Windows 7's 
sluggish pop-up bubble and Firefox's banner about signing in. I've 
never tried it with Android, but I'd expect it to trigger Android's 
sign-in browser too.

The same effect should occur on any captive portal, unless the captive 
portal is deliberately making itself hard to detect.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Wednesday, 11 July 2018 19:17:25 BST Patrick Wigmore wrote:
> On Wed, 11 Jul 2018 17:14:21 +0100, Terry Coles wrote:
> > It's worse than that; I've found that every browser that I've tried
> > on every device that I have access to exhibits different behaviours
> > with this code:

Something that I also found, even before I installed the captive portal, was 
that colours 
are rendered differently on different platforms.  At the time that I developed 
the original 
website, the public website was themed in blue, so I chose that colour for 
buttons, etc.  In 
order to provide the maximum readability, I chose yellow for the button text.  
Unfortunately that text came out pale blue on Android phones, which made it 
unreadable 
outdoors ;-(

> Given enough time to detect the captive portal, Windows 7 pops up a
> balloon from the taskbar suggesting that "Additional log on
> information may be required", which opens a browser when clicked.

Have you installed nodogsplash?  Just wondering how you know.

> Captive portals are a bit of a hack, and largely rely on the
> assumption that, if someone wants to use an internet connection, they
> will open a web browser and try to access a website on the internet.

Fortunately we do need to use a browser; I'd just prefer that it wasn't the 
crippled one that 
comes up at signin on Android 7.0 (and presumably earlier) phones.

> Which leads me to wonder; could the overflow you're seeing have to do
> with the global font size settings (for menus, etc) on the Android
> device you are using? If this is set larger than default, then perhaps
> the portal sign-in browser respects that and renders everything
> larger, while other browsers ignore this setting.

I'm sure that this is a factor.

> If you are more concerned about whether the buttons fit on the screen
> than whether they respect the user's font size preference, it might
> make more sense to specify the font size in viewport width units (vw).
> That is a design decision more than a technical one. Personally I'd
> try a smaller em size first. (It sounds like that's what you've done.)

I wasn't aware of this feature; I'll look into it.

Thanks for your help.

-- 



Terry Coles
-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Patrick Wigmore]

On Wed, 11 Jul 2018 17:14:21 +0100, Terry Coles wrote:
> It's worse than that; I've found that every browser that I've tried
> on every device that I have access to exhibits different behaviours
> with this code:

I think this is just something that happens with captive portals. It's 
not unique to the one you've set up.

Given enough time to detect the captive portal, Windows 7 pops up a 
balloon from the taskbar suggesting that "Additional log on 
information may be required", which opens a browser when clicked.

Captive portals are a bit of a hack, and largely rely on the 
assumption that, if someone wants to use an internet connection, they 
will open a web browser and try to access a website on the internet.

On desktop browsers, if you have a home page that has to be retrieved 
from the internet, then the experience is that the sign-in page will 
appear automatically when your browser tries to load your home page.

For some years, it was easy to get away with assuming that most people 
who wanted to use a WiFi hotspot would open a browser and try to load 
a web page. Then the iPhone happened and suddenly (seemingly) everyone 
wanted to run native phone apps and POP/IMAP mail clients, which would 
(correctly) exhibit error conditions rather than displaying a captive 
portal sign-in page, because they were not web browsers. And so, 
workarounds had to be devised by which devices could detect captive 
portals and display the sign in page to users who might not open a web 
page as soon as they connected to the network.

Almost inevitably, the solutions are not standardised. (And phone and 
tablet OSes have more highly developed solutions than desktop ones.)



> Actually I had problems with the logo, the button text size and the
> background image.
Your button font size was specified in ems. So, it was specified as a 
proportion of the size that it would otherwise have defaulted to if 
you hadn't specified one. Since you hadn't specified any absolute 
sizes that were inherited by the button, the size was relative to the 
default font size for buttons, as chosen by the browser.

This is fairly sensible, provided the browser has a sensible default 
font size. It has the advantage of respecting any custom default font 
size that the end user might have set, which is good for 
accessibility. However, this approach falls down if a browser has a 
stupid default (that wasn't set by the end user).

Which leads me to wonder; could the overflow you're seeing have to do 
with the global font size settings (for menus, etc) on the Android 
device you are using? If this is set larger than default, then perhaps 
the portal sign-in browser respects that and renders everything 
larger, while other browsers ignore this setting.

If the browser is displaying things larger because you have personal 
settings that enlarge things, then you just have to bear in mind that 
that is the enlarged version, not the default, and design it to appear 
enlarged in that browser but "normal" size in the others.

If you are more concerned about whether the buttons fit on the screen 
than whether they respect the user's font size preference, it might 
make more sense to specify the font size in viewport width units (vw). 
That is a design decision more than a technical one. Personally I'd 
try a smaller em size first. (It sounds like that's what you've done.)
-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Wednesday, 11 July 2018 12:04:26 BST Patrick Wigmore wrote:
> I think you've hit the nail on the head there. Android seems to have a
> special browser that appears for signing in to captive portals, and it
> doesn't render web pages quite the same way as the usual browser.
>
> It makes sense that there should be a special browser, since users
> will not necessarily be using the main browser but might still expect
> internet access for other apps that won't show a captive portal log in
> page.

It's worse than that; I've found that every browser that I've tried on every 
device that I have access to exhibits different behaviours with this code:

1.  On Android Phones, an alert is put up with a message to tap to sign in to 
the network.  This launches the 'fake browser' and once 'Continue' is clicked 
on the Sign In page, the WMT content is loaded.

2.  On my Kubuntu laptop, connecting to the WiFi AP has no visible affect but:
  a.  When Chromium is launched, the Sign in Page is loaded automatically.
  b.  When Firefox is launched, there is no alert sound, but a hardly
  visible banner at the top of the page tells me to click on a button to
  sign in.  After that the behaviour is the same as on a phone.

3.  On my son's Windows 10 PC, Chrome behaves in a similar manner to Chromium 
on Linux and IE also gives no alert.

4.  I currently have no access to an iPhone or Windows phone.

> Looking at the home page HTML and CSS, I think the most likely element
> to cause overflow off the screen is the image that says Wimborne Model
> Town Banner.

Actually I had problems with the logo, the button text size and the background 
image.

Using the technique that you suggested, I think I've cracked the logo size.  I 
found some CSS code on the Internet that seems to fix the background image 
(the html code to do the same job only worked on some browsers) and I've had 
to simply reduce the font size in the buttons to make that work.

The biggest problem that I had is that what worked on my Moto G5 Plus, didn't 
on my wife's Moto G6 Plus and/or my laptop and vice versa.  I've now got it 
working reasonably well across all devices that I have access to, but more 
testing will obviously be needed.

Thanks for putting me on the right trail.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Patrick Wigmore]

On Wed, 11 Jul 2018 11:04:29 +0100, Terry Coles wrote:
> On Wednesday, 11 July 2018 10:20:49 BST Terry Coles wrote:
> > All of the pages appear different in one other respect.  Across
> > the top of the Splash Page, there is a page Title that reads
> > 'Sign in to network'. This appears at the top of all the pages. 
> > It's this hangover from the Sign In Page that makes me suspect
> > that nodogsplash is serving the content.
> This statement is actually a load of cobblers.  I just used my Linux
> Laptop and my son's Windows PC to connect to the WMT pretend AP and
> that 'page Title' doesn't appear.  On going back to the phones,
> I've realised that this is nothing more than a banner inserted by
> Android to allow users to decide whether to continue to use the
> network or not (it has the three vertical dots to indicate that a
> menu is available.  So the content is presumably being served by
> nginx but somehow Android 7.0's browser is messing with the
> content, presumably due to something being done in the Splash Page.
> 
> On the laptop and PC, I don't get the Alert that Android puts up and
> which automatically routes the user to the Sign In page when
> clicked.  Instead, the machine simply connects to the AP in the
> normal way and nothing happens until the user opens his browser. 
> This then puts up the Sign In Page and everything works fince from
> then on.

I think you've hit the nail on the head there. Android seems to have a 
special browser that appears for signing in to captive portals, and it 
doesn't render web pages quite the same way as the usual browser.

It makes sense that there should be a special browser, since users 
will not necessarily be using the main browser but might still expect 
internet access for other apps that won't show a captive portal log in 
page.

Looking at the home page HTML and CSS, I think the most likely element 
to cause overflow off the screen is the image that says Wimborne Model 
Town Banner.

The buttons have been given no specified width, so they should just 
get squashed to fit, but the image has an implicit width of 507px, 
with is inconveniently absolute. (And if the image pushes the page 
that wide, then the buttons might go off the screen too.)

Now, I'm a bit rusty on this, but I believe that most mobile browsers, 
encountering this page, with no specified viewport size, would set the 
viewport (representing the visible portion of the page) to the width 
of the widest element (the image). The browser would then scale the 
viewport so that it fits on the screen (i.e. zoom out a bit to make 
everything fit).

So, perhaps the captive portal sign-in browser does not support 
viewports in the same way that a normal mobile browser would.

One option to fix this might be to specify the max-width (as opposed 
to the width) of the image to be 100%. Then it doesn't matter how big 
or small the viewport is.

Another option might be to explicitly set the viewport to the width of 
the widest item on the page. This might be interesting from the point 
of view of seeing whether the captive portal sign-in browser actually 
supports viewports of this nature at all. I imagine this strategy is 
probably not considered best practice, since it's kind of a cheat to 
avoid having to fix the page to work with arbitrarily sized screens.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Wednesday, 11 July 2018 07:27:21 BST Ralph Corderoy wrote:
> Try simplifying splash.html, e.g.
> 
> 
> 
> 
...

I tried using a much simplified page based on this, but it made both the 
Splash Page and the Home Page oversized.  A copy of my current splash.html may 
be found at:

http://www.hadrian-way.co.uk/Misc/Pi_Router/ 

This page fills the screen correctly and centres the text and objects the way 
that I want them.  I have played around with formatting in this page, but so 
far have only manged to make things worse ;-(

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Wednesday, 11 July 2018 10:20:49 BST Terry Coles wrote:
> All of the pages appear different in one other respect.  Across the top of
> the Splash Page, there is a page Title that reads 'Sign in to network'. 
> This appears at the top of all the pages.  It's this hangover from the Sign
> In Page that makes me suspect that nodogsplash is serving the content.

This statement is actually a load of cobblers.  I just used my Linux Laptop 
and my son's Windows PC to connect to the WMT pretend AP and that 'page Title' 
doesn't appear.  On going back to the phones, I've realised that this is 
nothing more than a banner inserted by Android to allow users to decide 
whether to continue to use the network or not (it has the three vertical dots 
to indicate that a menu is available.  So the content is presumably being 
served by nginx but somehow Android 7.0's browser is messing with the content, 
presumably due to something being done in the Splash Page.

On the laptop and PC, I don't get the Alert that Android puts up and which 
automatically routes the user to the Sign In page when clicked.  Instead, the 
machine simply connects to the AP in the normal way and nothing happens until 
the user opens his browser.  This then puts up the Sign In Page and everything 
works fince from then on.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Wednesday, 11 July 2018 07:27:21 BST Ralph Corderoy wrote:
> Is this the content of the web page being served?
> https://github.com/nodogsplash/nodogsplash/blob/master/resources/splash.html

I am using that page as the basis of my Splash Page, which authorises the user 
and tells him/her that they won't have Internet access through the WMT WiFi 
AP.  When the button is clicked the user is redirected to the WMT Home Page, 
where  the buttons to access the content are held.  It's the Home Page, not 
the Splash Page that is being rendered oversize.

If you go to http://www.hadrian-way.co.uk/WMT_Webserver/WMT/ you will see what 
the Visitor is supposed to see once they been authorised (and does see on the 
deployed system).

> Does the page appear different between nodogsplash's HTTP server and
> nginx in any other way that the size it's viewed at?  I don't think the

All of the pages appear different in one other respect.  Across the top of the 
Splash Page, there is a page Title that reads 'Sign in to network'.  This 
appears at the top of all the pages.  It's this hangover from the Sign In Page 
that makes me suspect that nodogsplash is serving the content.

The map page is also oversized, but the Quiz and Audio Guide pages seem to 
work (even though they carry the Sign In title).

> Try simplifying splash.html, e.g.

Splash works OK, as related above.

> Does the user need to see a splash page?  If not, then it could probably
> redirect to `$authtarget' without the user having to read or click
> `Continue'.

Yes. so that I can inform them of the lack of internet access and one or two 
other things.

> way the HTML is served can make a difference, but perhaps one of those
> two isn't serving some other resource that the page references, e.g. an
> image, due to misconfiguration and that's making the page size
> different.

I've been thinking about this problem and after sleeping on it, I think I need 
to find the answers to some basic questions.

1.  If the nodogsplash webserver is serving the WMT content pages; how does it 
manage that?

The Splash Page is located at /etc/nodogsplash/htdocs, which is the default 
location.  The WMT content is at /var/www/html, which is the default location 
for nginx.  The nodogsplash config file points the webserver at the Splash 
Page for the initial signin and the redirects to WMT-Guest.com.

The nginx config file includes 'sites-enabled' and a file called WMT-Guest is 
located in 'sites-available'  This is then linked to 'sites-enabled'.  The Pi 
is set up to be a DNS Server, which simply says that the page WMT-Guest.com 
may be found at the IP Address of the Pi (192.168.0.1).  All this has worked 
well since the Webserver was installed in March 2017.  The only problem has 
been the Android issue.

2.  A repeat of question 1. really; when the browser surfs to 192.168.0.1 how 
does it know to get the content from nginx and not the nodogsplash web server?

My understanding is that you can run two webservers at the same IP Address 
providing that they use different ports.  nodogsplash is using the default 
port 2050 and nginx is using port 80.  So that ought to work, but I'm still 
not sure how the content gets to the browser if the nodogsplash webserver is 
serving it since it won't be reading the nginx config file.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> On my wife's Moto G6 Plus (Android 8.0), this works well.  On my Moto
> G5 Plus (Android 7.0), the Home Page is too big and overflows the
> screen.

Is this the content of the web page being served?
https://github.com/nodogsplash/nodogsplash/blob/master/resources/splash.html

> I suspect this is to do with the built-in webserver that nodogsplash
> uses, because if I surf to the Home Page with nodogsplash disabled it
> works correctly.  I used nginx for the original content.

Does the page appear different between nodogsplash's HTTP server and
nginx in any other way that the size it's viewed at?  I don't think the
way the HTML is served can make a difference, but perhaps one of those
two isn't serving some other resource that the page references, e.g. an
image, due to misconfiguration and that's making the page size
different.

Try simplifying splash.html, e.g.








$gatewayname Entry


$gatewayname Hotspot Gateway.
Welcome!  For access to the Internet, please click Continue.








Does the user need to see a splash page?  If not, then it could probably
redirect to `$authtarget' without the user having to read or click
`Continue'.

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 11:34:02 BST Terry Coles wrote:
> I have placed files showing yhe physical and software configuration at
> http://www.hadrian-way.co.uk/Misc/Pi_Router/.
> 
> Simply put, the on-site Wi-Fi Antenna is acting as a DHCP server as well as
> an Access Point and is connected to the default Ethernet port (eth0) on the
> Pi. A USB / Ethernet Adaptor (eth1) then provides a link to the Office
> Router and the Internet.  This port obtains it's IP address automatically.
> 
> Using information from various sources I've set up dhcpcd.conf, dnsmasq.conf
> and iptables to allow traffic to be routed between the two networks.  The
> problem is that when I plug the cable into eth0 nothing is routed to
> anywhere. As soon as I unplug it, the path to the Internet is restored.

It's been a while since I last posted. I had a number of problems, most of 
which I have 
now overcome and I also had a family holiday that got in the way.

In the end, I used dnsmasq to set up the DNS Server on the Pi and I removed all 
the 
routing that I had set up using iptables commands because nodogsplash covers 
everything! In its config file.  I was able to allow only those protocols (UDP 
and TCP port 
53) that were needed to fool the phone into thinking it was on the internet 
prior to 
authentication and then port 80 and 443 to the Pi (combined Router and 
Webserver) to 
serve the content. It seems to work pretty well.

I now only have one problem (I hope). Before I started using nodogsplash, many 
of the 
Visitors were having to accept that our WiFi Access Point had no internet 
access before 
they could surf to our Home Page. This not very reliable and each version of 
Android 
behaved differently as related in my message of many months ago.  With 
nodogsplash, 
the Visitor is presented with a Sign-on Page, which he has to read and then 
Click 
'Continue'.  This routes him to the original Home Page and thence to the 
content.

On my wife's Moto G6 Plus (Android 8.0), this works well.  On my Moto G5 Plus 
(Android 
7.0), the Home Page is too big and overflows the screen.  I suspect this is to 
do with the 
built-in webserver that nodogsplash uses, because if I surf to the Home Page 
with 
nodogsplash disabled it works correctly.  I used nginx for the original content.

Any suggestions on how I can resolve this?

-- 



Terry Coles
-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-17 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Friday, 22 June 2018 12:33:30 BST Terry Coles wrote:
> Now I can get back to installing NodogSplash

Well.  Not quite.  My test setup had the Client as a Raspberry Pi with a fixed 
IP address, 
whereas the final setup will be a Wi-Fi AP with mobile clients looking for an 
IP Address.  
When I put my simulated AP back in to the system, none of the clients got an IP 
Address.

It's taken pretty much all day, but I think I now have it working (with a Pi 
Client at least).  
There were several problems, but the main one was the 'bind-interfaces' entry 
in 
dnsmasq.conf.  This prevented the DHCP server from starting properly until 
dnsmasq was 
restarted.

Also, I found out how to set the METRIC value in the routes.  That took me a 
while, 
because it isn't mentioned in the man pages for route or iptables and the 
references in the 
man page for ip didn't actually explain it very well (to me it least).  I then 
found a web page 
with a posting that showed how it could be set up in dhcpcd.conf, viz:

interface eth0
static ip_address=192.168.0.1/24
static routers=192.168.0.1
static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1
metric 200

interface eth1
metric 100

The system barfs at the moment, because eth0 does not have a domain name 
server, but 
it will do :-)

Now I can get back to installing NodogSplash  :-)

-- 



Terry Coles
-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Friday, 22 June 2018 13:36:07 BST Ralph Corderoy wrote:
> This means you have two default routes.  The default route is the one to
> take when none of the other routes match.  When more than one route
> matches, because they have the same specificity, then the one with the
> lowest metric wins, here 202. — Sun, 17 Jun 2018 18:42:53 +0100.
> > eventually it dawned on me that the user of an Access Point *wants*
> > the route to be that way round.
> 
> Doesn't sound like the same issue as before then;  that was two default
> routes on router-pi, each via a separate interface.

No.  I think it's exactly the same issue as before.  The problem was that I 
didn't hit on the right solution straight away and the other things that i 
tried simply ended up strewing obstacles in my path.

> That's good.  Can you sit on router-pi and ping the Internet and
> client-pi?

Yes.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> https://pimylifeup.com/raspberry-pi-wireless-access-point/

That looks quite good.  I'm a bit puzzled by `routers' being a host
address of 0, but I suppose it depends how dhcpcd uses these to
configure the routing table.

interface wlan0
static ip_address=192.168.220.1/24
static routers=192.168.220.0

In common usage, the first address in a subnet, all binary zero in
the host identifier, is reserved for referring to the network
itself, while the last address, all binary one in the host
identifier, is used as a broadcast address for the network; this
reduces the number of addresses available for hosts by 2.
— 
https://en.wikipedia.org/wiki/IPv4_subnetting_reference#IPv4_CIDR_blocks

> Everything worked but I had exactly the same response as I had on
> Sunday wrt the route metrics.  There isn't much online (that I could
> see) about the meaning of the metrics

Earlier in this thread:

This means you have two default routes.  The default route is the one to
take when none of the other routes match.  When more than one route
matches, because they have the same specificity, then the one with the
lowest metric wins, here 202. — Sun, 17 Jun 2018 18:42:53 +0100.

> eventually it dawned on me that the user of an Access Point *wants*
> the route to be that way round.

Doesn't sound like the same issue as before then;  that was two default
routes on router-pi, each via a separate interface.

> I simply reversed the iptables setup and I can now ping from my Client
> Pi to the Internet.

That's good.  Can you sit on router-pi and ping the Internet and
client-pi?

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Wednesday, 20 June 2018 14:12:08 BST Terry Coles wrote:
> One thing: I remembered that I'd been able to lay my hands on a Pi Zero for
> the WMT and it's been in my spares draw ever since.  So assuming that I can
> cobble together enough peripherals, I should be able to set up the
> configuration that you suggested.

It's taken me a while, and several iterations, but at last I've made some 
progress.  It took 
me a some time to get sufficient cables and adapters to allow me to set up a 
system like 
this:

Internet --- House Router  RPi Router --- RPi Client

The LHS of RPi Router goes through the USB / Ethernet Adapter and is configured 
by the Pi 
as eth1.  It obtains its address using DHCP in the House Router.

The RHS of RPi Router goes through the default Ethernet port and is configured 
by the Pi 
as eth0.  It has a fixed IP address.

The RPI Client is connected through the default Ethernet port and is configured 
by the Pi 
as eth0.  It has a fixed IP address.

I then tried to set up the Router Pi using a combination of the settings from 
the 
PiMyLifeUp and the QckTech  pages referenced earlier and found that I ended up 
with a 
broken DHCP server.  I did this several times starting from a clean 
installation of Raspbian.  

This morning, I ignored the QckTech page completely (ie, no settings in the 
interfaces file) 
and did what I did originally, by following the PiMyLifeUp AP Tutorial at:

https://pimylifeup.com/raspberry-pi-wireless-access-point/

but substituting eth1 for wlan0 and setting the IP Addresses / Ranges as above. 
 
Everything worked but I had exactly the same response as I had on Sunday wrt 
the route 
metrics.

There isn't much online (that I could see) about the meaning of the metrics, 
but eventually 
it dawned on me that the user of an Access Point *wants* the route to be that 
way round.  
I simply reversed the iptables setup and I can now ping from my Client Pi to 
the Internet.

Now I can get back to installing NodogSplash

-- 



Terry Coles
-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Wednesday, 20 June 2018 13:09:36 BST Ralph Corderoy wrote:
> > Anyone know haoe to fix the IP Address on an Android phone?
> 
> It seems it's possible, e.g. https://it.uoregon.edu/node/3559

Not any more it seems.  That page was written when Jelly Bean was the latest 
version of Android (4.1, circa 2012).  My device is Nougat (Android 7.0) and 
the current one is Oreo (Android 8.0).

I can remember plugging a Micro USB to Ethernet Adaptor into my old Nexus 5 
phone and it worked, but that was probably Android 6.0 or even 5.0 at the 
time.

My Moto G5 Plus, doesn't even blink when I plug the adaptor in, so I can't set 
an IP Address for the port, since Ethernet ports are no longer supported.

Having spent the morning buying a new phone for my wife (said Nexus 5 popped 
its clogs yesterday), I am now looking at this again.

One thing: I remembered that I'd been able to lay my hands on a Pi Zero for 
the WMT and it's been in my spares draw ever since.  So assuming that I can 
cobble together enough peripherals, I should be able to set up the 
configuration that you suggested.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> Anyone know haoe to fix the IP Address on an Android phone?

It seems it's possible, e.g. https://it.uoregon.edu/node/3559

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> > ...that you understood.  :-)
>
> No.  I did what most other Raspberry Pi users do; I followed the
> Tutorial and assumed that the author knew what he was doing.

I wasn't referring to that.

> > > One final question.  If I open a default copy of
> > > /etc/network/interface, it says that the file is intended to be
> > > used with dhcpcd.conf.  Do I still need to define the static IP
> > > address of eth0 in both places or just here?
> > 
> > Well, in your new `start from scratch' there won't be a DHCP server
> > to read dhcpcd.conf.  :-)  You should be telling the server to just
> > listen on eth0 rather than its default of all interfaces that are up
> > and can broadcast.  I don't see any reason why it would need to be
> > told eth0's static address is 192.168.0.9 as it won't be handling a
> > DHCPDISCOVER request for that interface as it's statically defined
> > in /etc/network/interfaces.
>
> Are you sure about that?

Yes, I'm sure about that, but it's not relevant because I missed the
switch from talking about the DHCP server, with its dhcpd.conf, that
needs to serve the mobiles, and the dhcp`c'd.conf when you introduced
it.

I agree, since dhcpcd is running then use its dhcpcd.conf to configure
the static interface.

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Tuesday, 19 June 2018 14:42:40 BST Terry Coles wrote:
> I don't have laptops that run anything else :-)

Unfortunately, I seem to have lost my second USB Type A to Ethernet Adaptor.  
I need two; one for eth1 on the Pi and one for the laptop.  I have several 
Micro USB to Ethernet Adaptors, but no Type A to Micro USB receptacle 
adaptors.  My main laptop only has Type A and C receptacles.  Lead time for 
reasonably cheap ones off Amazon varies from weeks to months.  Or I can spend 
£15 at Currys.

I might be able to get hold of a Pi Zero, but I may then have problems with 
keyboards and monitors.

Anyone know haoe to fix the IP Address on an Android phone?
 
-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Tuesday, 19 June 2018 14:22:39 BST Ralph Corderoy wrote:
> A laptop running Linux would do as well.

I don't have laptops that run anything else :-)

> ...that you understood.  :-)

No.  I did what most other Raspberry Pi users do; I followed the Tutorial and 
assumed that the author knew what he was doing.  The fact is that he probably 
did, but since he was doing this five years ago and / or didn't have exactly  
the same hardware as me, there is no guarantee that the Tutorial is still 
correct.

If I fully understood this stuff, I'd have 'rolled my own'.  :-)

> > One final question.  If I open a default copy of
> > /etc/network/interface, it says that the file is intended to be used
> > with dhcpcd.conf.  Do I still need to define the static IP address of
> > eth0 in both places or just here?
> 
> Well, in your new `start from scratch' there won't be a DHCP server to
> read dhcpcd.conf.  :-)  You should be telling the server to just listen
> on eth0 rather than its default of all interfaces that are up and can
> broadcast.  I don't see any reason why it would need to be told eth0's
> static address is 192.168.0.9 as it won't be handling a DHCPDISCOVER
> request for that interface as it's statically defined in
> /etc/network/interfaces.

Are you sure about that?  The file dhcpcd.conf is installed by default and all 
the latest instructions (eg 
https://www.raspberrypi.org/learning/networking-lessons/rpi-static-ip-address/) 
tell the users to define a static IP Address 
there.  The interfaces file is not mentioned anywhere.  Clearly, there won't 
be a functioning DHCP Server unless I define a range, but the infrastructure 
is clearly in place and the file must be read by the Pi, otherwise the device 
wouldn't get its IP Address.

My question was really should I define the Static IP Address in dhcpcd.conf 
(as instructed), in /etc/Network/interfaces, or both?

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Tuesday, 19 June 2018 13:50:38 BST Hamish MB wrote:
> Raspbian lite might be a good choice?
 
It's certainly a good choice when the system is to run headless, but I don't 
think it would make any difference in this instance.

Anyway, I've already burnt the new SD Card and am in the process of updating 
it.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Hamish MB]

Raspbian lite might be a good choice?


On 19/06/18 13:41, Terry Coles wrote:
> On Tuesday, 19 June 2018 12:00:42 BST Ralph Corderoy wrote:
>> You've assembled a system of software parts and it doesn't work.
>> Debugging it will be hard because of the possible interactions between
>> the parts that are unknown.  I'd try to strip it back to the minimal and
>> get that working, e.g. same hardware, eth1 configured by DHCP, as now,
>> eth0 manual configuration, customer-mobile (another Pi?) manual too.
>> Ping from pi-3 to Internet, and then the pi-mobile to each of the
>> interfaces along the route to the Internet.
> Unfortunately, I'm fresh out of Pis but I may be able to cobble together
> something using a mobile phone or laptop connected by Ethernet instead of via
> the Belkin Router.  I was already thinking of substituting the Belkin Router
> with another one, if I can find a suitable device, but your suggestion would
> remove yet another variable.
>
> I was also thinking of starting again from scratch with a clean installation
> of Raspbian and building the RPi Router from there, before ever attempting
> something like NoDogSplash.  At least then I would know that I haven't
> introduced some incompatibility along the way.
>
>> Given `address', ...
> I'm sorry, I don't understand that comment.
>
>> `netmask', `network' and `broadcast' are redundant here as they're
>> corresponding values that can be simply computed.
> OK.  I was simply following the tutorial that I had found.
>
>> It's a gateway from the perspective of that interface, not how others
>> see that interface as this isn't being used to configure those others.
>> See interfaces(5) for that system and
>> https://debian-handbook.info/browse/stable/sect.network-config.html#sect.int
>> erface-ethernet I don't think you want it at all, and that suggests the
>> http://qcktech.blogspot.com/2012/08/raspberry-pi-as-router.html you
>> reference may have other problems.
> OK.  I'll look into that.
>
>> These are the commands that one version of ifup(8) and friends run from
>> package ifupdown's `inet.defn' so you can see how `gateway' is used.
> OK.  I'll look into that too.
>
> One final question.  If I open a default copy of /etc/network/interface, it
> says that the file is intended to be used with dhcpcd.conf.  Do I still need
> to define the static IP address of eth0 in both places or just here?
>
>

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Tuesday, 19 June 2018 12:00:42 BST Ralph Corderoy wrote:
> You've assembled a system of software parts and it doesn't work.
> Debugging it will be hard because of the possible interactions between
> the parts that are unknown.  I'd try to strip it back to the minimal and
> get that working, e.g. same hardware, eth1 configured by DHCP, as now,
> eth0 manual configuration, customer-mobile (another Pi?) manual too.
> Ping from pi-3 to Internet, and then the pi-mobile to each of the
> interfaces along the route to the Internet.

Unfortunately, I'm fresh out of Pis but I may be able to cobble together 
something using a mobile phone or laptop connected by Ethernet instead of via 
the Belkin Router.  I was already thinking of substituting the Belkin Router 
with another one, if I can find a suitable device, but your suggestion would 
remove yet another variable.

I was also thinking of starting again from scratch with a clean installation 
of Raspbian and building the RPi Router from there, before ever attempting 
something like NoDogSplash.  At least then I would know that I haven't 
introduced some incompatibility along the way.

> Given `address', ...

I'm sorry, I don't understand that comment.

> `netmask', `network' and `broadcast' are redundant here as they're
> corresponding values that can be simply computed.

OK.  I was simply following the tutorial that I had found.

> It's a gateway from the perspective of that interface, not how others
> see that interface as this isn't being used to configure those others.
> See interfaces(5) for that system and
> https://debian-handbook.info/browse/stable/sect.network-config.html#sect.int
> erface-ethernet I don't think you want it at all, and that suggests the
> http://qcktech.blogspot.com/2012/08/raspberry-pi-as-router.html you
> reference may have other problems.

OK.  I'll look into that.

> These are the commands that one version of ifup(8) and friends run from
> package ifupdown's `inet.defn' so you can see how `gateway' is used.

OK.  I'll look into that too.

One final question.  If I open a default copy of /etc/network/interface, it 
says that the file is intended to be used with dhcpcd.conf.  Do I still need 
to define the static IP address of eth0 in both places or just here?


-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> At first, because the problem was related to routes, I assumed that I
> had introduced the problem when I set up the routing using IP Tables.

You've assembled a system of software parts and it doesn't work.
Debugging it will be hard because of the possible interactions between
the parts that are unknown.  I'd try to strip it back to the minimal and
get that working, e.g. same hardware, eth1 configured by DHCP, as now,
eth0 manual configuration, customer-mobile (another Pi?) manual too.
Ping from pi-3 to Internet, and then the pi-mobile to each of the
interfaces along the route to the Internet.

> # interfaces(5) file used by ifup(8) and ifdown(8)
>
> auto lo
> iface lo inet loopback
>
> #USB NIC connecting to the Internet
> auto eth1
> iface eth1 inet dhcp
>
> #Onboard NIC serving as internal gateway
> auto eth0
> iface eth0 inet static
> address 192.168.0.9

Given `address', ...

> netmask 255.255.255.0
> network 192.168.0.0
> broadcast 192.168.0.255

`netmask', `network' and `broadcast' are redundant here as they're
corresponding values that can be simply computed.

> gateway 192.168.0.9
>
> I tried setting the gateway address to the AP instead of the RPi, but
> to no avail.

It's a gateway from the perspective of that interface, not how others
see that interface as this isn't being used to configure those others.
See interfaces(5) for that system and
https://debian-handbook.info/browse/stable/sect.network-config.html#sect.interface-ethernet
I don't think you want it at all, and that suggests the
http://qcktech.blogspot.com/2012/08/raspberry-pi-as-router.html you
reference may have other problems.

These are the commands that one version of ifup(8) and friends run from
package ifupdown's `inet.defn' so you can see how `gateway' is used.

up
  ip addr add %address%[[/%netmask%]] [[broadcast %broadcast%]] \
  [[peer %pointopoint%]] [[scope %scope%]] dev %iface% label %iface%
  ip link set dev %iface% [[mtu %mtu%]] [[address %hwaddress%]] up

  [[ ip route add default via %gateway% [[metric %metric%]] dev %iface% ]]

down
  [[ ip route del default via %gateway% [[metric %metric%]] dev %iface% 
2>&1 1>/dev/null || true ]]
  ip -4 addr flush dev %iface% label %iface%
  ip link set dev %iface% down \
  if (iface_is_link())

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 18:42:53 BST Ralph Corderoy wrote:
> If you're on the Pi trying to ping 8.8.8.8 with eth0 plugged in, giving
> the winning metric-202 default route, then your packet is going to
> travel out of eth0 addressed to outdoor-wap's 192.168.0.1-interface's
> Ethernet address.  That seems the first odd thing to investigate.

I spent most of yesterday afternoon grappling with this.  At first, because the 
problem was 
related to routes, I assumed that I had introduced the problem when I set up 
the routing 
using IP Tables.  It took me a while to discover how to delete and / or flush 
rules from the 
IP Tables (because simply deleting the file contain the rules didn't change 
anything).

Then it dawned on me that if deleting all of the routes and rebooting didn't 
solved the 
problem, then it probably wasn't iptables that was causing it.

I then stumbled across a 6-year old page (http://qcktech.blogspot.com/) that 
discussed 
how to set up a wired router on a Raspberry Pi.  The problem being solved was 
identical 
(eg AP connected to the RPi's Router port and the other side connected to the 
ISP's ADSL 
Router).  Unfortunately this method set up the static IP address using 
/etc/Network/
interfaces, which in the modern versions of Raspbian contains a message to use 
dhcpcd.conf instead. Nonetheless I gave it a try and achieved connectivity from 
the Pi 
(browser and ping) to the Internet, but not from the AP to the RPi.  In the 
Pi's desktop, the 
Network icon displays 'Connection to DHCP lost' and no interfaces when hovered 
over.   
Here is the config I'm using:

# interfaces(5) file used by ifup(8) and ifdown(8)

auto lo
iface lo inet loopback

#USB NIC connecting to the Internet
auto eth1
iface eth1 inet dhcp

#Onboard NIC serving as internal gateway
auto eth0
iface eth0 inet static
address 192.168.0.9
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.9
I tried setting the gateway address to the AP instead of the RPi, but to no 
avail.  I also took 
out the static address entries for eth0 from dhcpcd.conf, but also without luck.

I then studied the man page for dhcpcd.conf, but was unable to see how to 
exactly 
replicate the settings in 'interfaces'.  It seems to me that the problem might 
be that I'm 
conflicting the settings that dhcpcd.conf is adding with those from interfaces, 
but I can't 
see where or how to stop it.

I'm off to WMT shortly and won't get back onto this until this afternoon.  My 
biggest 
problem is that most sites that explain how to set up an RPi as a wired Router 
seem to be 
old (at least I couldn't find any newer ones).  That is why I adapted the 
instructions from 
the original site to develop my first attempt.  These were in a link from the 
NoDogSplash 
instructions at https://pimylifeup.com/raspberry-pi-wireless-access-point/.

-- 



Terry Coles
-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Monday, 18 June 2018 18:09:10 BST PeterMerchant via dorset wrote:
> My Home network has a main wireless AdSL router 192.168.1.1 and a remote
> old ADSL wireless router upstairs of a different make. This has IP
> 192.168.1.2, same Netmask and ADSL not configured. But I have access to
> everything- there is no separation of devices. The main router handles
> DHCP  and is configured as the Gateway to give access to the outside
> world.  DNS is supplied by outside resource.
>
> If I could set up a VLAN on my main router I could separate the remote
> router from the rest of the network. Unfortunately this free TalkTalk
> router looks like it doesn't support VLANs. Does yours?  Would a VLAN
> give sufficient security?

As it happens, my home Router (Netgear), the Belkin Router I'm using to 
simulate the Wireless AP (CPE Antenna) at the WMT and the Antenna all appear 
to support VLANs.  However, I've only ever used VLAN on a Managed Network 
Router at a Customer's site, and even then one of the other contractors set it 
up while I watched.  I have no idea about the security question.

> I am now grappling mentally with your firewall and Ip configuration, but
> it's hurting my brain and time to make supper.

More news on that elsewhere.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[PeterMerchant via dorset]

On 17/06/18 21:34, Terry Coles wrote:

On Sunday, 17 June 2018 21:11:50 BST PeterMerchant via dorset wrote:

It is the understanding of those words that is the problem. I didn't
understand what you wanted either. I wondered how he was going to do the
measurement 'during' the process of plugging everything  in.

Thanks Peter (and Stephen); I feel better now :-)

To be fair to Ralph, he did clarify his message after I'd expressed my first
confusion and I did miss his original 'during' and his first 'unplugging'.
I'm afraid that my brain seems a bit slow to assimilate information these
days.

Anyway, I'll resume testing tomorrow afternoon, as I'm busy tomorrow morning.
I've had a few ideas of my own that might simplify the overall problem, once
I've got the RPi Routing function to work.


I had a look at your drawing, but not the configs yet.

My Home network has a main wireless AdSL router 192.168.1.1 and a remote 
old ADSL wireless router upstairs of a different make. This has IP 
192.168.1.2, same Netmask and ADSL not configured. But I have access to 
everything- there is no separation of devices. The main router handles 
DHCP  and is configured as the Gateway to give access to the outside 
world.  DNS is supplied by outside resource.


If I could set up a VLAN on my main router I could separate the remote 
router from the rest of the network. Unfortunately this free TalkTalk 
router looks like it doesn't support VLANs. Does yours?  Would a VLAN 
give sufficient security?


I am now grappling mentally with your firewall and Ip configuration, but 
it's hurting my brain and time to make supper.


Cheers,

peterM.



--
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 21:11:50 BST PeterMerchant via dorset wrote:
> It is the understanding of those words that is the problem. I didn't
> understand what you wanted either. I wondered how he was going to do the
> measurement 'during' the process of plugging everything  in.

Thanks Peter (and Stephen); I feel better now :-)

To be fair to Ralph, he did clarify his message after I'd expressed my first 
confusion and I did miss his original 'during' and his first 'unplugging'.  
I'm afraid that my brain seems a bit slow to assimilate information these 
days.

Anyway, I'll resume testing tomorrow afternoon, as I'm busy tomorrow morning.  
I've had a few ideas of my own that might simplify the overall problem, once 
I've got the RPi Routing function to work.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Stephen Wolff]

Hiya

>>> I didn't realise that you wanted me to unplug it again.
>> I didn't realise that you weren't reading my words.  :-)
>> 
> It is the understanding of those words that is the problem. I didn't 
> understand what you wanted either. I wondered how he was going to do the 
> measurement 'during' the process of plugging everything  in.

Terry said:
> The problem is that when I plug the cable into eth0 nothing is routed
> to anywhere.  As soon as I unplug it, the path to the Internet is
> restored.

Ralph said:

What's the output of `ip -s -d -a r' before plugging in the eth0 cable,
then during, then after?

I thought Ralph meant while the cable was plugged in - ie during the period 
that the cable was plugged in?


signature.asc
Description: Message signed with OpenPGP
-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[PeterMerchant via dorset]

On 17/06/18 18:42, Ralph Corderoy wrote:

Hi Terry,


I didn't realise that you wanted me to unplug it again.

I didn't realise that you weren't reading my words.  :-)

  
It is the understanding of those words that is the problem. I didn't 
understand what you wanted either. I wondered how he was going to do the 
measurement 'during' the process of plugging everything  in.


PM



--
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> I didn't realise that you wanted me to unplug it again.

I didn't realise that you weren't reading my words.  :-)

You carry out two actions above and I wanted before plugging it in
for the first time since boot, during the time it is plugged in, and
after it is unplugged.  The last will show if things have returned
to boot-stage `normal' or whether something lingers.

Before eth0's cable in plugged in, and after it's unplugged, are the
same:

unicast default via 192.168.1.1 dev eth1 proto boot scope global src 
192.168.1.15 metric 203
unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 
metric 203

During eth0 being plugged in the routing table gains

unicast default via 192.168.0.1 dev eth0 proto boot scope global src 
192.168.0.9 metric 202
unicast 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.9 
metric 202

This means you have two default routes.  The default route is the one to
take when none of the other routes match.  When more than one route
matches, because they have the same specificity, then the one with the
lowest metric wins, here 202.

You originally said

The problem is that when I plug the cable into eth0 nothing is
routed to anywhere.  As soon as I unplug it, the path to the
Internet is restored.

I think your diagram boils down to

Internet
office-router
192.168.1.15  eth
Ethernet and mains-wiring
192.168.1.15  eth1  USB/Ethernet adaptor
Raspberry Pi 3
192.168.0.9  eth0  built-in Ethernet
Cat 5
192.168.0.1  eth
outdoor-wap  DHCP-server 192.168.0.10-200
customer-mobile

If you're on the Pi trying to ping 8.8.8.8 with eth0 plugged in, giving
the winning metric-202 default route, then your packet is going to
travel out of eth0 addressed to outdoor-wap's 192.168.0.1-interface's
Ethernet address.  That seems the first odd thing to investigate.

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 13:19:01 BST Ralph Corderoy wrote:

I didn't realise that you wanted me to unplug it again.

> 1.  Boot Pi.
> 2.  What's the output of `ip -s -d -a r'?

pi@WMT_Webserver:~ $ ip -s -d -a r
unicast default via 192.168.1.1 dev eth1 proto boot scope global src 
192.168.1.15 metric 203 
unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 
metric 203

> 3.  Plug cable into eth0.
> 4.  Wait plentry of time for things to settle down, e.g. router lights.
> 5.  What's the output of `ip -s -d -a r'?

pi@WMT_Webserver:~ $ ip -s -d -a r
unicast default via 192.168.0.1 dev eth0 proto boot scope global src 
192.168.0.9 metric 202 
unicast default via 192.168.1.1 dev eth1 proto boot scope global src 
192.168.1.15 metric 203 
unicast 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.9 metric 
202 
unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 
metric 203 

> 6.  Unplug eth0's cable.
> 7.  Wait for things to settle down.
> 8.  What's the output of `ip -s -d -a r'?

pi@WMT_Webserver:~ $ ip -s -d -a r
unicast default via 192.168.1.1 dev eth1 proto boot scope global src 
192.168.1.15 metric 203 
unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 
metric 203 

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> Sorry I'm still not making myself clear am I.

1.  Boot Pi.
2.  What's the output of `ip -s -d -a r'?
3.  Plug cable into eth0.
4.  Wait plentry of time for things to settle down, e.g. router lights.
5.  What's the output of `ip -s -d -a r'?
6.  Unplug eth0's cable.
7.  Wait for things to settle down.
8.  What's the output of `ip -s -d -a r'?

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 13:05:27 BST Terry Coles wrote:
> first O/P was without the cable to eth0 plugged in (just eth1 to the
> Antenna). Immediately after I plugged it in, I ran the command again and

Doh! Just eth1 to the Office Router.


-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 12:56:02 BST Ralph Corderoy wrote:
> > Sorry missed the 'during'  That's a bit arbitrary isn't it?  What
> > counts as 'during'?   I plugged the cable in and immediately ran the
> > command; the result was identical to the 'without' case.  The second
> > output is what I get after I've plugged it in.
> 
> You carry out two actions above and I wanted before plugging it in for
> the first time since boot, during the time it is plugged in, and after
> it is unplugged.  The last will show if things have returned to
> boot-stage `normal' or whether something lingers.

Sorry I'm still not making myself clear am I.  What I meant was that the first 
O/P was without the cable to eth0 plugged in (just eth1 to the Antenna).  
Immediately after I plugged it in, I ran the command again and got exactly the 
same result.  When i ran the command for the third time I got the final 
result.

So no eth0:
pi@WMT_Webserver:~ $ ip -s -d -a r
unicast default via 192.168.1.1 dev eth1 proto boot scope global src 
192.168.1.15 metric 203 
unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 
metric 203 

Immediately after plugging in (before the light on the Router has lit):
pi@WMT_Webserver:~ $ ip -s -d -a r
unicast default via 192.168.1.1 dev eth1 proto boot scope global src 
192.168.1.15 metric 203 
unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 
metric 203 

After the light on the Router has lit:
pi@WMT_Webserver:~ $ ip -s -d -a r
unicast default via 192.168.0.1 dev eth0 proto boot scope global src 
192.168.0.9 metric 202 
unicast default via 192.168.1.1 dev eth1 proto boot scope global src 
192.168.1.15 metric 203 
unicast 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.9 metric 
202 
unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 
metric 203 

If there is something different happening during the 'during' period, I've 
been unable to catch it.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> > > The problem is that when I plug the cable into eth0 nothing is
> > > routed to anywhere.  As soon as I unplug it, the path to the
> > > Internet is restored.
> >
> > What's the output of `ip -s -d -a r' before plugging in the eth0
> > cable, then during, then after?
>
> Sorry missed the 'during'  That's a bit arbitrary isn't it?  What
> counts as 'during'?   I plugged the cable in and immediately ran the
> command; the result was identical to the 'without' case.  The second
> output is what I get after I've plugged it in.

You carry out two actions above and I wanted before plugging it in for
the first time since boot, during the time it is plugged in, and after
it is unplugged.  The last will show if things have returned to
boot-stage `normal' or whether something lingers.

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 12:40:46 BST Terry Coles wrote:
> result was identical to the 'without' case.  The second output is what I
> get after I've plugged it in.

Perhaps I should have after I've plugged it in and the Ethernet light on the 
Router spoofing the Antenna has lit.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 12:33:51 BST Ralph Corderoy wrote:
> Hi Terry,
> 
> > > What's the output of `ip -s -d -a r' before plugging in the eth0 cable,
> > 
> > unicast default via 192.168.1.1dev eth1 proto boot   scope global src
> > 192.168.1.15 metric 203 unicast 192.168.1.0/24 dev eth1 proto
> > kernel scope link   src 192.168.1.15 metric 203> 
> > > then during,
> > 
> > unicast default via 192.168.0.1dev eth0 proto boot   scope global src
> > 192.168.0.9  metric 202 unicast default via 192.168.1.1dev eth1 proto
> > boot   scope global src 192.168.1.15 metric 203 unicast
> > 192.168.0.0/24 dev eth0 proto kernel scope   link src 192.168.0.9  metric
> > 202 unicast 192.168.1.0/24 dev eth1 proto kernel scope   link
> > src 192.168.1.15 metric 203> 
> > > then after?
> 
> ?  :-)

Sorry missed the 'during'  That's a bit arbitrary isn't it?  What counts as 
'during'?   I plugged the cable in and immediately ran the command; the result 
was identical to the 'without' case.  The second output is what I get after 
I've plugged it in.


-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> > What's the output of `ip -s -d -a r' before plugging in the eth0 cable,
>
> unicast default via 192.168.1.1dev eth1 proto boot   scope global src 
> 192.168.1.15 metric 203 
> unicast 192.168.1.0/24 dev eth1 proto kernel scope link   src 
> 192.168.1.15 metric 203 
>
> > then during,
>
> unicast default via 192.168.0.1dev eth0 proto boot   scope global src 
> 192.168.0.9  metric 202 
> unicast default via 192.168.1.1dev eth1 proto boot   scope global src 
> 192.168.1.15 metric 203 
> unicast 192.168.0.0/24 dev eth0 proto kernel scope   link src 
> 192.168.0.9  metric 202 
> unicast 192.168.1.0/24 dev eth1 proto kernel scope   link src 
> 192.168.1.15 metric 203 
>
> > then after?

?  :-)

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

On Sunday, 17 June 2018 12:24:07 BST Terry Coles wrote:
> BTW.  There's an error in my diagram, the IP Address of eth0 is fixed at
> 192.168.0.9, not 192.168.0.1 as stated.

I've just updated it.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] Using a Raspberry Pi as a Network Router

[Ralph Corderoy]

Hi Terry,

> The problem is that when I plug the cable into eth0 nothing is routed
> to anywhere.  As soon as I unplug it, the path to the Internet is
> restored.

What's the output of `ip -s -d -a r' before plugging in the eth0 cable,
then during, then after?

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

[Dorset] Using a Raspberry Pi as a Network Router

[Terry Coles]

Hi,

My WMT Project to set up a Captive Portal has hit yet another bump in the 
road.  I'm sure it's me simply not spotting the obvious agin, but could 
someone check through my setup and let me know if they spot something wrong.

I have placed files showing yhe physical and software configuration at 
http://www.hadrian-way.co.uk/Misc/Pi_Router/.

Simply put, the on-site Wi-Fi Antenna is acting as a DHCP server as well as an 
Access Point and is connected to the default Ethernet port (eth0) on the Pi.  
A USB / Ethernet Adaptor (eth1) then provides a link to the Office Router and 
the Internet.  This port obtains it's IP address automatically.

Using information from various sources I've set up dhcpcd.conf, dnsmasq.conf 
and iptables to allow traffic to be routed between the two networks.  The 
problem is that when I plug the cable into eth0 nothing is routed to anywhere.  
As soon as I unplug it, the path to the Internet is restored.

-- 



Terry Coles



-- 
Next meeting:  Bournemouth, Tuesday, 2018-07-03 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR