Re: [Dorset] Using a Raspberry Pi as a Network Router
On Saturday, 14 July 2018 13:33:21 BST Ralph Corderoy wrote: > Have you read > https://nodogsplash.readthedocs.io/en/latest/howitworks.html ? Well I did, but it was some time ago and I only understood a small part of it. > As I said a long time ago, you can let nodog set things up and should > then me able to peer at what it's done with `sudo -i iptables -vL'. Thanks, but it seems to be working OK now. I read the comments in nodogsplash.conf and was able to arrange it so the Android devices got to see the Internet prior to authentication, before locking things down again, post authentication. The good news is that on the phones that I have here Android no longer suppresses the 4G connection as it did (that may be a feature of an old version of Android, both my wife and myself have new phones now). I've spent a bit of time sorting out the sizing of objects in the various browsers that I have access to here. Tomorrow, I intend to carry out a trial deployment at the WMT and another volunteer is bring me a clutch of Apple kit to test it against. The problem is that I can't really install it until the end of the WMT opening hours, because I will need to power down the PoS equipment to plug in the Powerline adaptor at the Office Router end (there are simply no free sockets). If all that works OK, then I'll leave it there. If not, I'll come back for another go ;-) -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > 1. If the nodogsplash webserver is serving the WMT content pages; how > does it manage that? > > The Splash Page is located at /etc/nodogsplash/htdocs, which is the > default location. The WMT content is at /var/www/html, which is the > default location for nginx. The nodogsplash config file points the > webserver at the Splash Page for the initial signin and the redirects > to WMT-Guest.com. > > The nginx config file includes 'sites-enabled' and a file called > WMT-Guest is located in 'sites-available' This is then linked to > 'sites-enabled'. The Pi is set up to be a DNS Server, which simply > says that the page WMT-Guest.com may be found at the IP Address of the > Pi (192.168.0.1). All this has worked well since the Webserver was > installed in March 2017. The only problem has been the Android issue. > > 2. A repeat of question 1. really; when the browser surfs to 192.168.0.1 how > does it know to get the content from nginx and not the nodogsplash web server? > > My understanding is that you can run two webservers at the same IP Address > providing that they use different ports. nodogsplash is using the default > port 2050 and nginx is using port 80. So that ought to work, but I'm still > not sure how the content gets to the browser if the nodogsplash webserver is > serving it since it won't be reading the nginx config file. Have you read https://nodogsplash.readthedocs.io/en/latest/howitworks.html ? You're right, only one program may listen on a particular TCP socket at a time for incoming connections to accept, and nginx is listening on the port 80, HTTP, with nodogsplash listening on port 2050. The visitor's browser tries to connect to port 80, not knowing nodog exists. `sudo -i lsof -ni' will show what programs are currently listening. It's a variation of «netstat -tl»'s output. An incoming packet passes through the kernel before being arriving at the program listen on the destination port for that packet. Part of the kernel is the packet filter, which can be inspected and manipulated with iptables(8). nodog modifies the filter's configuration as described on its `how it works' page. Packets arriving for port 80 are sometimes passed to port 2050 instead, thus nodog get first dibs. Once it's happy, it arranges for the redirection of future packets to cease and so the approved visitor talks directly to nginx from then on. nginx is unaware of nodog's pilfering. nodog has no part in nginx's serving of the pucker web site. As I said a long time ago, you can let nodog set things up and should then me able to peer at what it's done with `sudo -i iptables -vL'. Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Thu, 12 Jul 2018 07:14:05 +0100, Terry Coles wrote: > > Given enough time to detect the captive portal, Windows 7 pops up > > a > > balloon from the taskbar suggesting that "Additional log on > > information may be required", which opens a browser when clicked. > > Have you installed nodogsplash? Just wondering how you know. My main experience in this case is of a Three pay-as-you-go mobile broadband connection. When the credit runs out, the network activates a captive portal, which redirects to a message saying you've run out of credit and need to top up your account. This triggers Windows 7's sluggish pop-up bubble and Firefox's banner about signing in. I've never tried it with Android, but I'd expect it to trigger Android's sign-in browser too. The same effect should occur on any captive portal, unless the captive portal is deliberately making itself hard to detect. -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wednesday, 11 July 2018 19:17:25 BST Patrick Wigmore wrote: > On Wed, 11 Jul 2018 17:14:21 +0100, Terry Coles wrote: > > It's worse than that; I've found that every browser that I've tried > > on every device that I have access to exhibits different behaviours > > with this code: Something that I also found, even before I installed the captive portal, was that colours are rendered differently on different platforms. At the time that I developed the original website, the public website was themed in blue, so I chose that colour for buttons, etc. In order to provide the maximum readability, I chose yellow for the button text. Unfortunately that text came out pale blue on Android phones, which made it unreadable outdoors ;-( > Given enough time to detect the captive portal, Windows 7 pops up a > balloon from the taskbar suggesting that "Additional log on > information may be required", which opens a browser when clicked. Have you installed nodogsplash? Just wondering how you know. > Captive portals are a bit of a hack, and largely rely on the > assumption that, if someone wants to use an internet connection, they > will open a web browser and try to access a website on the internet. Fortunately we do need to use a browser; I'd just prefer that it wasn't the crippled one that comes up at signin on Android 7.0 (and presumably earlier) phones. > Which leads me to wonder; could the overflow you're seeing have to do > with the global font size settings (for menus, etc) on the Android > device you are using? If this is set larger than default, then perhaps > the portal sign-in browser respects that and renders everything > larger, while other browsers ignore this setting. I'm sure that this is a factor. > If you are more concerned about whether the buttons fit on the screen > than whether they respect the user's font size preference, it might > make more sense to specify the font size in viewport width units (vw). > That is a design decision more than a technical one. Personally I'd > try a smaller em size first. (It sounds like that's what you've done.) I wasn't aware of this feature; I'll look into it. Thanks for your help. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wed, 11 Jul 2018 17:14:21 +0100, Terry Coles wrote: > It's worse than that; I've found that every browser that I've tried > on every device that I have access to exhibits different behaviours > with this code: I think this is just something that happens with captive portals. It's not unique to the one you've set up. Given enough time to detect the captive portal, Windows 7 pops up a balloon from the taskbar suggesting that "Additional log on information may be required", which opens a browser when clicked. Captive portals are a bit of a hack, and largely rely on the assumption that, if someone wants to use an internet connection, they will open a web browser and try to access a website on the internet. On desktop browsers, if you have a home page that has to be retrieved from the internet, then the experience is that the sign-in page will appear automatically when your browser tries to load your home page. For some years, it was easy to get away with assuming that most people who wanted to use a WiFi hotspot would open a browser and try to load a web page. Then the iPhone happened and suddenly (seemingly) everyone wanted to run native phone apps and POP/IMAP mail clients, which would (correctly) exhibit error conditions rather than displaying a captive portal sign-in page, because they were not web browsers. And so, workarounds had to be devised by which devices could detect captive portals and display the sign in page to users who might not open a web page as soon as they connected to the network. Almost inevitably, the solutions are not standardised. (And phone and tablet OSes have more highly developed solutions than desktop ones.) > Actually I had problems with the logo, the button text size and the > background image. Your button font size was specified in ems. So, it was specified as a proportion of the size that it would otherwise have defaulted to if you hadn't specified one. Since you hadn't specified any absolute sizes that were inherited by the button, the size was relative to the default font size for buttons, as chosen by the browser. This is fairly sensible, provided the browser has a sensible default font size. It has the advantage of respecting any custom default font size that the end user might have set, which is good for accessibility. However, this approach falls down if a browser has a stupid default (that wasn't set by the end user). Which leads me to wonder; could the overflow you're seeing have to do with the global font size settings (for menus, etc) on the Android device you are using? If this is set larger than default, then perhaps the portal sign-in browser respects that and renders everything larger, while other browsers ignore this setting. If the browser is displaying things larger because you have personal settings that enlarge things, then you just have to bear in mind that that is the enlarged version, not the default, and design it to appear enlarged in that browser but "normal" size in the others. If you are more concerned about whether the buttons fit on the screen than whether they respect the user's font size preference, it might make more sense to specify the font size in viewport width units (vw). That is a design decision more than a technical one. Personally I'd try a smaller em size first. (It sounds like that's what you've done.) -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wednesday, 11 July 2018 12:04:26 BST Patrick Wigmore wrote: > I think you've hit the nail on the head there. Android seems to have a > special browser that appears for signing in to captive portals, and it > doesn't render web pages quite the same way as the usual browser. > > It makes sense that there should be a special browser, since users > will not necessarily be using the main browser but might still expect > internet access for other apps that won't show a captive portal log in > page. It's worse than that; I've found that every browser that I've tried on every device that I have access to exhibits different behaviours with this code: 1. On Android Phones, an alert is put up with a message to tap to sign in to the network. This launches the 'fake browser' and once 'Continue' is clicked on the Sign In page, the WMT content is loaded. 2. On my Kubuntu laptop, connecting to the WiFi AP has no visible affect but: a. When Chromium is launched, the Sign in Page is loaded automatically. b. When Firefox is launched, there is no alert sound, but a hardly visible banner at the top of the page tells me to click on a button to sign in. After that the behaviour is the same as on a phone. 3. On my son's Windows 10 PC, Chrome behaves in a similar manner to Chromium on Linux and IE also gives no alert. 4. I currently have no access to an iPhone or Windows phone. > Looking at the home page HTML and CSS, I think the most likely element > to cause overflow off the screen is the image that says Wimborne Model > Town Banner. Actually I had problems with the logo, the button text size and the background image. Using the technique that you suggested, I think I've cracked the logo size. I found some CSS code on the Internet that seems to fix the background image (the html code to do the same job only worked on some browsers) and I've had to simply reduce the font size in the buttons to make that work. The biggest problem that I had is that what worked on my Moto G5 Plus, didn't on my wife's Moto G6 Plus and/or my laptop and vice versa. I've now got it working reasonably well across all devices that I have access to, but more testing will obviously be needed. Thanks for putting me on the right trail. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wed, 11 Jul 2018 11:04:29 +0100, Terry Coles wrote: > On Wednesday, 11 July 2018 10:20:49 BST Terry Coles wrote: > > All of the pages appear different in one other respect. Across > > the top of the Splash Page, there is a page Title that reads > > 'Sign in to network'. This appears at the top of all the pages. > > It's this hangover from the Sign In Page that makes me suspect > > that nodogsplash is serving the content. > This statement is actually a load of cobblers. I just used my Linux > Laptop and my son's Windows PC to connect to the WMT pretend AP and > that 'page Title' doesn't appear. On going back to the phones, > I've realised that this is nothing more than a banner inserted by > Android to allow users to decide whether to continue to use the > network or not (it has the three vertical dots to indicate that a > menu is available. So the content is presumably being served by > nginx but somehow Android 7.0's browser is messing with the > content, presumably due to something being done in the Splash Page. > > On the laptop and PC, I don't get the Alert that Android puts up and > which automatically routes the user to the Sign In page when > clicked. Instead, the machine simply connects to the AP in the > normal way and nothing happens until the user opens his browser. > This then puts up the Sign In Page and everything works fince from > then on. I think you've hit the nail on the head there. Android seems to have a special browser that appears for signing in to captive portals, and it doesn't render web pages quite the same way as the usual browser. It makes sense that there should be a special browser, since users will not necessarily be using the main browser but might still expect internet access for other apps that won't show a captive portal log in page. Looking at the home page HTML and CSS, I think the most likely element to cause overflow off the screen is the image that says Wimborne Model Town Banner. The buttons have been given no specified width, so they should just get squashed to fit, but the image has an implicit width of 507px, with is inconveniently absolute. (And if the image pushes the page that wide, then the buttons might go off the screen too.) Now, I'm a bit rusty on this, but I believe that most mobile browsers, encountering this page, with no specified viewport size, would set the viewport (representing the visible portion of the page) to the width of the widest element (the image). The browser would then scale the viewport so that it fits on the screen (i.e. zoom out a bit to make everything fit). So, perhaps the captive portal sign-in browser does not support viewports in the same way that a normal mobile browser would. One option to fix this might be to specify the max-width (as opposed to the width) of the image to be 100%. Then it doesn't matter how big or small the viewport is. Another option might be to explicitly set the viewport to the width of the widest item on the page. This might be interesting from the point of view of seeing whether the captive portal sign-in browser actually supports viewports of this nature at all. I imagine this strategy is probably not considered best practice, since it's kind of a cheat to avoid having to fix the page to work with arbitrarily sized screens. -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wednesday, 11 July 2018 07:27:21 BST Ralph Corderoy wrote: > Try simplifying splash.html, e.g. > > > > ... I tried using a much simplified page based on this, but it made both the Splash Page and the Home Page oversized. A copy of my current splash.html may be found at: http://www.hadrian-way.co.uk/Misc/Pi_Router/ This page fills the screen correctly and centres the text and objects the way that I want them. I have played around with formatting in this page, but so far have only manged to make things worse ;-( -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wednesday, 11 July 2018 10:20:49 BST Terry Coles wrote: > All of the pages appear different in one other respect. Across the top of > the Splash Page, there is a page Title that reads 'Sign in to network'. > This appears at the top of all the pages. It's this hangover from the Sign > In Page that makes me suspect that nodogsplash is serving the content. This statement is actually a load of cobblers. I just used my Linux Laptop and my son's Windows PC to connect to the WMT pretend AP and that 'page Title' doesn't appear. On going back to the phones, I've realised that this is nothing more than a banner inserted by Android to allow users to decide whether to continue to use the network or not (it has the three vertical dots to indicate that a menu is available. So the content is presumably being served by nginx but somehow Android 7.0's browser is messing with the content, presumably due to something being done in the Splash Page. On the laptop and PC, I don't get the Alert that Android puts up and which automatically routes the user to the Sign In page when clicked. Instead, the machine simply connects to the AP in the normal way and nothing happens until the user opens his browser. This then puts up the Sign In Page and everything works fince from then on. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wednesday, 11 July 2018 07:27:21 BST Ralph Corderoy wrote: > Is this the content of the web page being served? > https://github.com/nodogsplash/nodogsplash/blob/master/resources/splash.html I am using that page as the basis of my Splash Page, which authorises the user and tells him/her that they won't have Internet access through the WMT WiFi AP. When the button is clicked the user is redirected to the WMT Home Page, where the buttons to access the content are held. It's the Home Page, not the Splash Page that is being rendered oversize. If you go to http://www.hadrian-way.co.uk/WMT_Webserver/WMT/ you will see what the Visitor is supposed to see once they been authorised (and does see on the deployed system). > Does the page appear different between nodogsplash's HTTP server and > nginx in any other way that the size it's viewed at? I don't think the All of the pages appear different in one other respect. Across the top of the Splash Page, there is a page Title that reads 'Sign in to network'. This appears at the top of all the pages. It's this hangover from the Sign In Page that makes me suspect that nodogsplash is serving the content. The map page is also oversized, but the Quiz and Audio Guide pages seem to work (even though they carry the Sign In title). > Try simplifying splash.html, e.g. Splash works OK, as related above. > Does the user need to see a splash page? If not, then it could probably > redirect to `$authtarget' without the user having to read or click > `Continue'. Yes. so that I can inform them of the lack of internet access and one or two other things. > way the HTML is served can make a difference, but perhaps one of those > two isn't serving some other resource that the page references, e.g. an > image, due to misconfiguration and that's making the page size > different. I've been thinking about this problem and after sleeping on it, I think I need to find the answers to some basic questions. 1. If the nodogsplash webserver is serving the WMT content pages; how does it manage that? The Splash Page is located at /etc/nodogsplash/htdocs, which is the default location. The WMT content is at /var/www/html, which is the default location for nginx. The nodogsplash config file points the webserver at the Splash Page for the initial signin and the redirects to WMT-Guest.com. The nginx config file includes 'sites-enabled' and a file called WMT-Guest is located in 'sites-available' This is then linked to 'sites-enabled'. The Pi is set up to be a DNS Server, which simply says that the page WMT-Guest.com may be found at the IP Address of the Pi (192.168.0.1). All this has worked well since the Webserver was installed in March 2017. The only problem has been the Android issue. 2. A repeat of question 1. really; when the browser surfs to 192.168.0.1 how does it know to get the content from nginx and not the nodogsplash web server? My understanding is that you can run two webservers at the same IP Address providing that they use different ports. nodogsplash is using the default port 2050 and nginx is using port 80. So that ought to work, but I'm still not sure how the content gets to the browser if the nodogsplash webserver is serving it since it won't be reading the nginx config file. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > On my wife's Moto G6 Plus (Android 8.0), this works well. On my Moto > G5 Plus (Android 7.0), the Home Page is too big and overflows the > screen. Is this the content of the web page being served? https://github.com/nodogsplash/nodogsplash/blob/master/resources/splash.html > I suspect this is to do with the built-in webserver that nodogsplash > uses, because if I surf to the Home Page with nodogsplash disabled it > works correctly. I used nginx for the original content. Does the page appear different between nodogsplash's HTTP server and nginx in any other way that the size it's viewed at? I don't think the way the HTML is served can make a difference, but perhaps one of those two isn't serving some other resource that the page references, e.g. an image, due to misconfiguration and that's making the page size different. Try simplifying splash.html, e.g. $gatewayname Entry $gatewayname Hotspot Gateway. Welcome! For access to the Internet, please click Continue. Does the user need to see a splash page? If not, then it could probably redirect to `$authtarget' without the user having to read or click `Continue'. Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 11:34:02 BST Terry Coles wrote: > I have placed files showing yhe physical and software configuration at > http://www.hadrian-way.co.uk/Misc/Pi_Router/. > > Simply put, the on-site Wi-Fi Antenna is acting as a DHCP server as well as > an Access Point and is connected to the default Ethernet port (eth0) on the > Pi. A USB / Ethernet Adaptor (eth1) then provides a link to the Office > Router and the Internet. This port obtains it's IP address automatically. > > Using information from various sources I've set up dhcpcd.conf, dnsmasq.conf > and iptables to allow traffic to be routed between the two networks. The > problem is that when I plug the cable into eth0 nothing is routed to > anywhere. As soon as I unplug it, the path to the Internet is restored. It's been a while since I last posted. I had a number of problems, most of which I have now overcome and I also had a family holiday that got in the way. In the end, I used dnsmasq to set up the DNS Server on the Pi and I removed all the routing that I had set up using iptables commands because nodogsplash covers everything! In its config file. I was able to allow only those protocols (UDP and TCP port 53) that were needed to fool the phone into thinking it was on the internet prior to authentication and then port 80 and 443 to the Pi (combined Router and Webserver) to serve the content. It seems to work pretty well. I now only have one problem (I hope). Before I started using nodogsplash, many of the Visitors were having to accept that our WiFi Access Point had no internet access before they could surf to our Home Page. This not very reliable and each version of Android behaved differently as related in my message of many months ago. With nodogsplash, the Visitor is presented with a Sign-on Page, which he has to read and then Click 'Continue'. This routes him to the original Home Page and thence to the content. On my wife's Moto G6 Plus (Android 8.0), this works well. On my Moto G5 Plus (Android 7.0), the Home Page is too big and overflows the screen. I suspect this is to do with the built-in webserver that nodogsplash uses, because if I surf to the Home Page with nodogsplash disabled it works correctly. I used nginx for the original content. Any suggestions on how I can resolve this? -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-17 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Friday, 22 June 2018 12:33:30 BST Terry Coles wrote: > Now I can get back to installing NodogSplash Well. Not quite. My test setup had the Client as a Raspberry Pi with a fixed IP address, whereas the final setup will be a Wi-Fi AP with mobile clients looking for an IP Address. When I put my simulated AP back in to the system, none of the clients got an IP Address. It's taken pretty much all day, but I think I now have it working (with a Pi Client at least). There were several problems, but the main one was the 'bind-interfaces' entry in dnsmasq.conf. This prevented the DHCP server from starting properly until dnsmasq was restarted. Also, I found out how to set the METRIC value in the routes. That took me a while, because it isn't mentioned in the man pages for route or iptables and the references in the man page for ip didn't actually explain it very well (to me it least). I then found a web page with a posting that showed how it could be set up in dhcpcd.conf, viz: interface eth0 static ip_address=192.168.0.1/24 static routers=192.168.0.1 static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1 metric 200 interface eth1 metric 100 The system barfs at the moment, because eth0 does not have a domain name server, but it will do :-) Now I can get back to installing NodogSplash :-) -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Friday, 22 June 2018 13:36:07 BST Ralph Corderoy wrote: > This means you have two default routes. The default route is the one to > take when none of the other routes match. When more than one route > matches, because they have the same specificity, then the one with the > lowest metric wins, here 202. — Sun, 17 Jun 2018 18:42:53 +0100. > > eventually it dawned on me that the user of an Access Point *wants* > > the route to be that way round. > > Doesn't sound like the same issue as before then; that was two default > routes on router-pi, each via a separate interface. No. I think it's exactly the same issue as before. The problem was that I didn't hit on the right solution straight away and the other things that i tried simply ended up strewing obstacles in my path. > That's good. Can you sit on router-pi and ping the Internet and > client-pi? Yes. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > https://pimylifeup.com/raspberry-pi-wireless-access-point/ That looks quite good. I'm a bit puzzled by `routers' being a host address of 0, but I suppose it depends how dhcpcd uses these to configure the routing table. interface wlan0 static ip_address=192.168.220.1/24 static routers=192.168.220.0 In common usage, the first address in a subnet, all binary zero in the host identifier, is reserved for referring to the network itself, while the last address, all binary one in the host identifier, is used as a broadcast address for the network; this reduces the number of addresses available for hosts by 2. — https://en.wikipedia.org/wiki/IPv4_subnetting_reference#IPv4_CIDR_blocks > Everything worked but I had exactly the same response as I had on > Sunday wrt the route metrics. There isn't much online (that I could > see) about the meaning of the metrics Earlier in this thread: This means you have two default routes. The default route is the one to take when none of the other routes match. When more than one route matches, because they have the same specificity, then the one with the lowest metric wins, here 202. — Sun, 17 Jun 2018 18:42:53 +0100. > eventually it dawned on me that the user of an Access Point *wants* > the route to be that way round. Doesn't sound like the same issue as before then; that was two default routes on router-pi, each via a separate interface. > I simply reversed the iptables setup and I can now ping from my Client > Pi to the Internet. That's good. Can you sit on router-pi and ping the Internet and client-pi? Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wednesday, 20 June 2018 14:12:08 BST Terry Coles wrote: > One thing: I remembered that I'd been able to lay my hands on a Pi Zero for > the WMT and it's been in my spares draw ever since. So assuming that I can > cobble together enough peripherals, I should be able to set up the > configuration that you suggested. It's taken me a while, and several iterations, but at last I've made some progress. It took me a some time to get sufficient cables and adapters to allow me to set up a system like this: Internet --- House Router RPi Router --- RPi Client The LHS of RPi Router goes through the USB / Ethernet Adapter and is configured by the Pi as eth1. It obtains its address using DHCP in the House Router. The RHS of RPi Router goes through the default Ethernet port and is configured by the Pi as eth0. It has a fixed IP address. The RPI Client is connected through the default Ethernet port and is configured by the Pi as eth0. It has a fixed IP address. I then tried to set up the Router Pi using a combination of the settings from the PiMyLifeUp and the QckTech pages referenced earlier and found that I ended up with a broken DHCP server. I did this several times starting from a clean installation of Raspbian. This morning, I ignored the QckTech page completely (ie, no settings in the interfaces file) and did what I did originally, by following the PiMyLifeUp AP Tutorial at: https://pimylifeup.com/raspberry-pi-wireless-access-point/ but substituting eth1 for wlan0 and setting the IP Addresses / Ranges as above. Everything worked but I had exactly the same response as I had on Sunday wrt the route metrics. There isn't much online (that I could see) about the meaning of the metrics, but eventually it dawned on me that the user of an Access Point *wants* the route to be that way round. I simply reversed the iptables setup and I can now ping from my Client Pi to the Internet. Now I can get back to installing NodogSplash -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Wednesday, 20 June 2018 13:09:36 BST Ralph Corderoy wrote: > > Anyone know haoe to fix the IP Address on an Android phone? > > It seems it's possible, e.g. https://it.uoregon.edu/node/3559 Not any more it seems. That page was written when Jelly Bean was the latest version of Android (4.1, circa 2012). My device is Nougat (Android 7.0) and the current one is Oreo (Android 8.0). I can remember plugging a Micro USB to Ethernet Adaptor into my old Nexus 5 phone and it worked, but that was probably Android 6.0 or even 5.0 at the time. My Moto G5 Plus, doesn't even blink when I plug the adaptor in, so I can't set an IP Address for the port, since Ethernet ports are no longer supported. Having spent the morning buying a new phone for my wife (said Nexus 5 popped its clogs yesterday), I am now looking at this again. One thing: I remembered that I'd been able to lay my hands on a Pi Zero for the WMT and it's been in my spares draw ever since. So assuming that I can cobble together enough peripherals, I should be able to set up the configuration that you suggested. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > Anyone know haoe to fix the IP Address on an Android phone? It seems it's possible, e.g. https://it.uoregon.edu/node/3559 Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > > ...that you understood. :-) > > No. I did what most other Raspberry Pi users do; I followed the > Tutorial and assumed that the author knew what he was doing. I wasn't referring to that. > > > One final question. If I open a default copy of > > > /etc/network/interface, it says that the file is intended to be > > > used with dhcpcd.conf. Do I still need to define the static IP > > > address of eth0 in both places or just here? > > > > Well, in your new `start from scratch' there won't be a DHCP server > > to read dhcpcd.conf. :-) You should be telling the server to just > > listen on eth0 rather than its default of all interfaces that are up > > and can broadcast. I don't see any reason why it would need to be > > told eth0's static address is 192.168.0.9 as it won't be handling a > > DHCPDISCOVER request for that interface as it's statically defined > > in /etc/network/interfaces. > > Are you sure about that? Yes, I'm sure about that, but it's not relevant because I missed the switch from talking about the DHCP server, with its dhcpd.conf, that needs to serve the mobiles, and the dhcp`c'd.conf when you introduced it. I agree, since dhcpcd is running then use its dhcpcd.conf to configure the static interface. Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Tuesday, 19 June 2018 14:42:40 BST Terry Coles wrote: > I don't have laptops that run anything else :-) Unfortunately, I seem to have lost my second USB Type A to Ethernet Adaptor. I need two; one for eth1 on the Pi and one for the laptop. I have several Micro USB to Ethernet Adaptors, but no Type A to Micro USB receptacle adaptors. My main laptop only has Type A and C receptacles. Lead time for reasonably cheap ones off Amazon varies from weeks to months. Or I can spend £15 at Currys. I might be able to get hold of a Pi Zero, but I may then have problems with keyboards and monitors. Anyone know haoe to fix the IP Address on an Android phone? -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Tuesday, 19 June 2018 14:22:39 BST Ralph Corderoy wrote: > A laptop running Linux would do as well. I don't have laptops that run anything else :-) > ...that you understood. :-) No. I did what most other Raspberry Pi users do; I followed the Tutorial and assumed that the author knew what he was doing. The fact is that he probably did, but since he was doing this five years ago and / or didn't have exactly the same hardware as me, there is no guarantee that the Tutorial is still correct. If I fully understood this stuff, I'd have 'rolled my own'. :-) > > One final question. If I open a default copy of > > /etc/network/interface, it says that the file is intended to be used > > with dhcpcd.conf. Do I still need to define the static IP address of > > eth0 in both places or just here? > > Well, in your new `start from scratch' there won't be a DHCP server to > read dhcpcd.conf. :-) You should be telling the server to just listen > on eth0 rather than its default of all interfaces that are up and can > broadcast. I don't see any reason why it would need to be told eth0's > static address is 192.168.0.9 as it won't be handling a DHCPDISCOVER > request for that interface as it's statically defined in > /etc/network/interfaces. Are you sure about that? The file dhcpcd.conf is installed by default and all the latest instructions (eg https://www.raspberrypi.org/learning/networking-lessons/rpi-static-ip-address/) tell the users to define a static IP Address there. The interfaces file is not mentioned anywhere. Clearly, there won't be a functioning DHCP Server unless I define a range, but the infrastructure is clearly in place and the file must be read by the Pi, otherwise the device wouldn't get its IP Address. My question was really should I define the Static IP Address in dhcpcd.conf (as instructed), in /etc/Network/interfaces, or both? -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Tuesday, 19 June 2018 13:50:38 BST Hamish MB wrote: > Raspbian lite might be a good choice? It's certainly a good choice when the system is to run headless, but I don't think it would make any difference in this instance. Anyway, I've already burnt the new SD Card and am in the process of updating it. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Raspbian lite might be a good choice? On 19/06/18 13:41, Terry Coles wrote: > On Tuesday, 19 June 2018 12:00:42 BST Ralph Corderoy wrote: >> You've assembled a system of software parts and it doesn't work. >> Debugging it will be hard because of the possible interactions between >> the parts that are unknown. I'd try to strip it back to the minimal and >> get that working, e.g. same hardware, eth1 configured by DHCP, as now, >> eth0 manual configuration, customer-mobile (another Pi?) manual too. >> Ping from pi-3 to Internet, and then the pi-mobile to each of the >> interfaces along the route to the Internet. > Unfortunately, I'm fresh out of Pis but I may be able to cobble together > something using a mobile phone or laptop connected by Ethernet instead of via > the Belkin Router. I was already thinking of substituting the Belkin Router > with another one, if I can find a suitable device, but your suggestion would > remove yet another variable. > > I was also thinking of starting again from scratch with a clean installation > of Raspbian and building the RPi Router from there, before ever attempting > something like NoDogSplash. At least then I would know that I haven't > introduced some incompatibility along the way. > >> Given `address', ... > I'm sorry, I don't understand that comment. > >> `netmask', `network' and `broadcast' are redundant here as they're >> corresponding values that can be simply computed. > OK. I was simply following the tutorial that I had found. > >> It's a gateway from the perspective of that interface, not how others >> see that interface as this isn't being used to configure those others. >> See interfaces(5) for that system and >> https://debian-handbook.info/browse/stable/sect.network-config.html#sect.int >> erface-ethernet I don't think you want it at all, and that suggests the >> http://qcktech.blogspot.com/2012/08/raspberry-pi-as-router.html you >> reference may have other problems. > OK. I'll look into that. > >> These are the commands that one version of ifup(8) and friends run from >> package ifupdown's `inet.defn' so you can see how `gateway' is used. > OK. I'll look into that too. > > One final question. If I open a default copy of /etc/network/interface, it > says that the file is intended to be used with dhcpcd.conf. Do I still need > to define the static IP address of eth0 in both places or just here? > > -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Tuesday, 19 June 2018 12:00:42 BST Ralph Corderoy wrote: > You've assembled a system of software parts and it doesn't work. > Debugging it will be hard because of the possible interactions between > the parts that are unknown. I'd try to strip it back to the minimal and > get that working, e.g. same hardware, eth1 configured by DHCP, as now, > eth0 manual configuration, customer-mobile (another Pi?) manual too. > Ping from pi-3 to Internet, and then the pi-mobile to each of the > interfaces along the route to the Internet. Unfortunately, I'm fresh out of Pis but I may be able to cobble together something using a mobile phone or laptop connected by Ethernet instead of via the Belkin Router. I was already thinking of substituting the Belkin Router with another one, if I can find a suitable device, but your suggestion would remove yet another variable. I was also thinking of starting again from scratch with a clean installation of Raspbian and building the RPi Router from there, before ever attempting something like NoDogSplash. At least then I would know that I haven't introduced some incompatibility along the way. > Given `address', ... I'm sorry, I don't understand that comment. > `netmask', `network' and `broadcast' are redundant here as they're > corresponding values that can be simply computed. OK. I was simply following the tutorial that I had found. > It's a gateway from the perspective of that interface, not how others > see that interface as this isn't being used to configure those others. > See interfaces(5) for that system and > https://debian-handbook.info/browse/stable/sect.network-config.html#sect.int > erface-ethernet I don't think you want it at all, and that suggests the > http://qcktech.blogspot.com/2012/08/raspberry-pi-as-router.html you > reference may have other problems. OK. I'll look into that. > These are the commands that one version of ifup(8) and friends run from > package ifupdown's `inet.defn' so you can see how `gateway' is used. OK. I'll look into that too. One final question. If I open a default copy of /etc/network/interface, it says that the file is intended to be used with dhcpcd.conf. Do I still need to define the static IP address of eth0 in both places or just here? -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > At first, because the problem was related to routes, I assumed that I > had introduced the problem when I set up the routing using IP Tables. You've assembled a system of software parts and it doesn't work. Debugging it will be hard because of the possible interactions between the parts that are unknown. I'd try to strip it back to the minimal and get that working, e.g. same hardware, eth1 configured by DHCP, as now, eth0 manual configuration, customer-mobile (another Pi?) manual too. Ping from pi-3 to Internet, and then the pi-mobile to each of the interfaces along the route to the Internet. > # interfaces(5) file used by ifup(8) and ifdown(8) > > auto lo > iface lo inet loopback > > #USB NIC connecting to the Internet > auto eth1 > iface eth1 inet dhcp > > #Onboard NIC serving as internal gateway > auto eth0 > iface eth0 inet static > address 192.168.0.9 Given `address', ... > netmask 255.255.255.0 > network 192.168.0.0 > broadcast 192.168.0.255 `netmask', `network' and `broadcast' are redundant here as they're corresponding values that can be simply computed. > gateway 192.168.0.9 > > I tried setting the gateway address to the AP instead of the RPi, but > to no avail. It's a gateway from the perspective of that interface, not how others see that interface as this isn't being used to configure those others. See interfaces(5) for that system and https://debian-handbook.info/browse/stable/sect.network-config.html#sect.interface-ethernet I don't think you want it at all, and that suggests the http://qcktech.blogspot.com/2012/08/raspberry-pi-as-router.html you reference may have other problems. These are the commands that one version of ifup(8) and friends run from package ifupdown's `inet.defn' so you can see how `gateway' is used. up ip addr add %address%[[/%netmask%]] [[broadcast %broadcast%]] \ [[peer %pointopoint%]] [[scope %scope%]] dev %iface% label %iface% ip link set dev %iface% [[mtu %mtu%]] [[address %hwaddress%]] up [[ ip route add default via %gateway% [[metric %metric%]] dev %iface% ]] down [[ ip route del default via %gateway% [[metric %metric%]] dev %iface% 2>&1 1>/dev/null || true ]] ip -4 addr flush dev %iface% label %iface% ip link set dev %iface% down \ if (iface_is_link()) Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 18:42:53 BST Ralph Corderoy wrote: > If you're on the Pi trying to ping 8.8.8.8 with eth0 plugged in, giving > the winning metric-202 default route, then your packet is going to > travel out of eth0 addressed to outdoor-wap's 192.168.0.1-interface's > Ethernet address. That seems the first odd thing to investigate. I spent most of yesterday afternoon grappling with this. At first, because the problem was related to routes, I assumed that I had introduced the problem when I set up the routing using IP Tables. It took me a while to discover how to delete and / or flush rules from the IP Tables (because simply deleting the file contain the rules didn't change anything). Then it dawned on me that if deleting all of the routes and rebooting didn't solved the problem, then it probably wasn't iptables that was causing it. I then stumbled across a 6-year old page (http://qcktech.blogspot.com/) that discussed how to set up a wired router on a Raspberry Pi. The problem being solved was identical (eg AP connected to the RPi's Router port and the other side connected to the ISP's ADSL Router). Unfortunately this method set up the static IP address using /etc/Network/ interfaces, which in the modern versions of Raspbian contains a message to use dhcpcd.conf instead. Nonetheless I gave it a try and achieved connectivity from the Pi (browser and ping) to the Internet, but not from the AP to the RPi. In the Pi's desktop, the Network icon displays 'Connection to DHCP lost' and no interfaces when hovered over. Here is the config I'm using: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback #USB NIC connecting to the Internet auto eth1 iface eth1 inet dhcp #Onboard NIC serving as internal gateway auto eth0 iface eth0 inet static address 192.168.0.9 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.9 I tried setting the gateway address to the AP instead of the RPi, but to no avail. I also took out the static address entries for eth0 from dhcpcd.conf, but also without luck. I then studied the man page for dhcpcd.conf, but was unable to see how to exactly replicate the settings in 'interfaces'. It seems to me that the problem might be that I'm conflicting the settings that dhcpcd.conf is adding with those from interfaces, but I can't see where or how to stop it. I'm off to WMT shortly and won't get back onto this until this afternoon. My biggest problem is that most sites that explain how to set up an RPi as a wired Router seem to be old (at least I couldn't find any newer ones). That is why I adapted the instructions from the original site to develop my first attempt. These were in a link from the NoDogSplash instructions at https://pimylifeup.com/raspberry-pi-wireless-access-point/. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Monday, 18 June 2018 18:09:10 BST PeterMerchant via dorset wrote: > My Home network has a main wireless AdSL router 192.168.1.1 and a remote > old ADSL wireless router upstairs of a different make. This has IP > 192.168.1.2, same Netmask and ADSL not configured. But I have access to > everything- there is no separation of devices. The main router handles > DHCP and is configured as the Gateway to give access to the outside > world. DNS is supplied by outside resource. > > If I could set up a VLAN on my main router I could separate the remote > router from the rest of the network. Unfortunately this free TalkTalk > router looks like it doesn't support VLANs. Does yours? Would a VLAN > give sufficient security? As it happens, my home Router (Netgear), the Belkin Router I'm using to simulate the Wireless AP (CPE Antenna) at the WMT and the Antenna all appear to support VLANs. However, I've only ever used VLAN on a Managed Network Router at a Customer's site, and even then one of the other contractors set it up while I watched. I have no idea about the security question. > I am now grappling mentally with your firewall and Ip configuration, but > it's hurting my brain and time to make supper. More news on that elsewhere. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On 17/06/18 21:34, Terry Coles wrote: On Sunday, 17 June 2018 21:11:50 BST PeterMerchant via dorset wrote: It is the understanding of those words that is the problem. I didn't understand what you wanted either. I wondered how he was going to do the measurement 'during' the process of plugging everything in. Thanks Peter (and Stephen); I feel better now :-) To be fair to Ralph, he did clarify his message after I'd expressed my first confusion and I did miss his original 'during' and his first 'unplugging'. I'm afraid that my brain seems a bit slow to assimilate information these days. Anyway, I'll resume testing tomorrow afternoon, as I'm busy tomorrow morning. I've had a few ideas of my own that might simplify the overall problem, once I've got the RPi Routing function to work. I had a look at your drawing, but not the configs yet. My Home network has a main wireless AdSL router 192.168.1.1 and a remote old ADSL wireless router upstairs of a different make. This has IP 192.168.1.2, same Netmask and ADSL not configured. But I have access to everything- there is no separation of devices. The main router handles DHCP and is configured as the Gateway to give access to the outside world. DNS is supplied by outside resource. If I could set up a VLAN on my main router I could separate the remote router from the rest of the network. Unfortunately this free TalkTalk router looks like it doesn't support VLANs. Does yours? Would a VLAN give sufficient security? I am now grappling mentally with your firewall and Ip configuration, but it's hurting my brain and time to make supper. Cheers, peterM. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 21:11:50 BST PeterMerchant via dorset wrote: > It is the understanding of those words that is the problem. I didn't > understand what you wanted either. I wondered how he was going to do the > measurement 'during' the process of plugging everything in. Thanks Peter (and Stephen); I feel better now :-) To be fair to Ralph, he did clarify his message after I'd expressed my first confusion and I did miss his original 'during' and his first 'unplugging'. I'm afraid that my brain seems a bit slow to assimilate information these days. Anyway, I'll resume testing tomorrow afternoon, as I'm busy tomorrow morning. I've had a few ideas of my own that might simplify the overall problem, once I've got the RPi Routing function to work. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hiya >>> I didn't realise that you wanted me to unplug it again. >> I didn't realise that you weren't reading my words. :-) >> > It is the understanding of those words that is the problem. I didn't > understand what you wanted either. I wondered how he was going to do the > measurement 'during' the process of plugging everything in. Terry said: > The problem is that when I plug the cable into eth0 nothing is routed > to anywhere. As soon as I unplug it, the path to the Internet is > restored. Ralph said: What's the output of `ip -s -d -a r' before plugging in the eth0 cable, then during, then after? I thought Ralph meant while the cable was plugged in - ie during the period that the cable was plugged in? signature.asc Description: Message signed with OpenPGP -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On 17/06/18 18:42, Ralph Corderoy wrote: Hi Terry, I didn't realise that you wanted me to unplug it again. I didn't realise that you weren't reading my words. :-) It is the understanding of those words that is the problem. I didn't understand what you wanted either. I wondered how he was going to do the measurement 'during' the process of plugging everything in. PM -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > I didn't realise that you wanted me to unplug it again. I didn't realise that you weren't reading my words. :-) You carry out two actions above and I wanted before plugging it in for the first time since boot, during the time it is plugged in, and after it is unplugged. The last will show if things have returned to boot-stage `normal' or whether something lingers. Before eth0's cable in plugged in, and after it's unplugged, are the same: unicast default via 192.168.1.1 dev eth1 proto boot scope global src 192.168.1.15 metric 203 unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 metric 203 During eth0 being plugged in the routing table gains unicast default via 192.168.0.1 dev eth0 proto boot scope global src 192.168.0.9 metric 202 unicast 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.9 metric 202 This means you have two default routes. The default route is the one to take when none of the other routes match. When more than one route matches, because they have the same specificity, then the one with the lowest metric wins, here 202. You originally said The problem is that when I plug the cable into eth0 nothing is routed to anywhere. As soon as I unplug it, the path to the Internet is restored. I think your diagram boils down to Internet office-router 192.168.1.15 eth Ethernet and mains-wiring 192.168.1.15 eth1 USB/Ethernet adaptor Raspberry Pi 3 192.168.0.9 eth0 built-in Ethernet Cat 5 192.168.0.1 eth outdoor-wap DHCP-server 192.168.0.10-200 customer-mobile If you're on the Pi trying to ping 8.8.8.8 with eth0 plugged in, giving the winning metric-202 default route, then your packet is going to travel out of eth0 addressed to outdoor-wap's 192.168.0.1-interface's Ethernet address. That seems the first odd thing to investigate. Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 13:19:01 BST Ralph Corderoy wrote: I didn't realise that you wanted me to unplug it again. > 1. Boot Pi. > 2. What's the output of `ip -s -d -a r'? pi@WMT_Webserver:~ $ ip -s -d -a r unicast default via 192.168.1.1 dev eth1 proto boot scope global src 192.168.1.15 metric 203 unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 metric 203 > 3. Plug cable into eth0. > 4. Wait plentry of time for things to settle down, e.g. router lights. > 5. What's the output of `ip -s -d -a r'? pi@WMT_Webserver:~ $ ip -s -d -a r unicast default via 192.168.0.1 dev eth0 proto boot scope global src 192.168.0.9 metric 202 unicast default via 192.168.1.1 dev eth1 proto boot scope global src 192.168.1.15 metric 203 unicast 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.9 metric 202 unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 metric 203 > 6. Unplug eth0's cable. > 7. Wait for things to settle down. > 8. What's the output of `ip -s -d -a r'? pi@WMT_Webserver:~ $ ip -s -d -a r unicast default via 192.168.1.1 dev eth1 proto boot scope global src 192.168.1.15 metric 203 unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 metric 203 -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > Sorry I'm still not making myself clear am I. 1. Boot Pi. 2. What's the output of `ip -s -d -a r'? 3. Plug cable into eth0. 4. Wait plentry of time for things to settle down, e.g. router lights. 5. What's the output of `ip -s -d -a r'? 6. Unplug eth0's cable. 7. Wait for things to settle down. 8. What's the output of `ip -s -d -a r'? Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 13:05:27 BST Terry Coles wrote: > first O/P was without the cable to eth0 plugged in (just eth1 to the > Antenna). Immediately after I plugged it in, I ran the command again and Doh! Just eth1 to the Office Router. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 12:56:02 BST Ralph Corderoy wrote: > > Sorry missed the 'during' That's a bit arbitrary isn't it? What > > counts as 'during'? I plugged the cable in and immediately ran the > > command; the result was identical to the 'without' case. The second > > output is what I get after I've plugged it in. > > You carry out two actions above and I wanted before plugging it in for > the first time since boot, during the time it is plugged in, and after > it is unplugged. The last will show if things have returned to > boot-stage `normal' or whether something lingers. Sorry I'm still not making myself clear am I. What I meant was that the first O/P was without the cable to eth0 plugged in (just eth1 to the Antenna). Immediately after I plugged it in, I ran the command again and got exactly the same result. When i ran the command for the third time I got the final result. So no eth0: pi@WMT_Webserver:~ $ ip -s -d -a r unicast default via 192.168.1.1 dev eth1 proto boot scope global src 192.168.1.15 metric 203 unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 metric 203 Immediately after plugging in (before the light on the Router has lit): pi@WMT_Webserver:~ $ ip -s -d -a r unicast default via 192.168.1.1 dev eth1 proto boot scope global src 192.168.1.15 metric 203 unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 metric 203 After the light on the Router has lit: pi@WMT_Webserver:~ $ ip -s -d -a r unicast default via 192.168.0.1 dev eth0 proto boot scope global src 192.168.0.9 metric 202 unicast default via 192.168.1.1 dev eth1 proto boot scope global src 192.168.1.15 metric 203 unicast 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.9 metric 202 unicast 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.15 metric 203 If there is something different happening during the 'during' period, I've been unable to catch it. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > > > The problem is that when I plug the cable into eth0 nothing is > > > routed to anywhere. As soon as I unplug it, the path to the > > > Internet is restored. > > > > What's the output of `ip -s -d -a r' before plugging in the eth0 > > cable, then during, then after? > > Sorry missed the 'during' That's a bit arbitrary isn't it? What > counts as 'during'? I plugged the cable in and immediately ran the > command; the result was identical to the 'without' case. The second > output is what I get after I've plugged it in. You carry out two actions above and I wanted before plugging it in for the first time since boot, during the time it is plugged in, and after it is unplugged. The last will show if things have returned to boot-stage `normal' or whether something lingers. Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 12:40:46 BST Terry Coles wrote: > result was identical to the 'without' case. The second output is what I > get after I've plugged it in. Perhaps I should have after I've plugged it in and the Ethernet light on the Router spoofing the Antenna has lit. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 12:33:51 BST Ralph Corderoy wrote: > Hi Terry, > > > > What's the output of `ip -s -d -a r' before plugging in the eth0 cable, > > > > unicast default via 192.168.1.1dev eth1 proto boot scope global src > > 192.168.1.15 metric 203 unicast 192.168.1.0/24 dev eth1 proto > > kernel scope link src 192.168.1.15 metric 203> > > > then during, > > > > unicast default via 192.168.0.1dev eth0 proto boot scope global src > > 192.168.0.9 metric 202 unicast default via 192.168.1.1dev eth1 proto > > boot scope global src 192.168.1.15 metric 203 unicast > > 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.9 metric > > 202 unicast 192.168.1.0/24 dev eth1 proto kernel scope link > > src 192.168.1.15 metric 203> > > > then after? > > ? :-) Sorry missed the 'during' That's a bit arbitrary isn't it? What counts as 'during'? I plugged the cable in and immediately ran the command; the result was identical to the 'without' case. The second output is what I get after I've plugged it in. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > > What's the output of `ip -s -d -a r' before plugging in the eth0 cable, > > unicast default via 192.168.1.1dev eth1 proto boot scope global src > 192.168.1.15 metric 203 > unicast 192.168.1.0/24 dev eth1 proto kernel scope link src > 192.168.1.15 metric 203 > > > then during, > > unicast default via 192.168.0.1dev eth0 proto boot scope global src > 192.168.0.9 metric 202 > unicast default via 192.168.1.1dev eth1 proto boot scope global src > 192.168.1.15 metric 203 > unicast 192.168.0.0/24 dev eth0 proto kernel scope link src > 192.168.0.9 metric 202 > unicast 192.168.1.0/24 dev eth1 proto kernel scope link src > 192.168.1.15 metric 203 > > > then after? ? :-) Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
On Sunday, 17 June 2018 12:24:07 BST Terry Coles wrote: > BTW. There's an error in my diagram, the IP Address of eth0 is fixed at > 192.168.0.9, not 192.168.0.1 as stated. I've just updated it. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] Using a Raspberry Pi as a Network Router
Hi Terry, > The problem is that when I plug the cable into eth0 nothing is routed > to anywhere. As soon as I unplug it, the path to the Internet is > restored. What's the output of `ip -s -d -a r' before plugging in the eth0 cable, then during, then after? Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
[Dorset] Using a Raspberry Pi as a Network Router
Hi, My WMT Project to set up a Captive Portal has hit yet another bump in the road. I'm sure it's me simply not spotting the obvious agin, but could someone check through my setup and let me know if they spot something wrong. I have placed files showing yhe physical and software configuration at http://www.hadrian-way.co.uk/Misc/Pi_Router/. Simply put, the on-site Wi-Fi Antenna is acting as a DHCP server as well as an Access Point and is connected to the default Ethernet port (eth0) on the Pi. A USB / Ethernet Adaptor (eth1) then provides a link to the Office Router and the Internet. This port obtains it's IP address automatically. Using information from various sources I've set up dhcpcd.conf, dnsmasq.conf and iptables to allow traffic to be routed between the two networks. The problem is that when I plug the cable into eth0 nothing is routed to anywhere. As soon as I unplug it, the path to the Internet is restored. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2018-07-03 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR