Thank-you Brian.

The DLink is doing its own DHCP, but not doing any nat to my knowledge
(wouldn't nat'ing be done on the host anyhow? Something like

    DNAT eth0 wlan0:192.168.1.?? tcp

for shorewall or for iptables:

    iptables -A FORWARD -o eth0 -i wlan0 -s 172.68.0.0/24 -m conntrack --ctstate NEW -j ACCEPT

Anyhow I've already done much of what you suggested re: NM and IP forwarding;
will try your other input over weekend

Peace,
Rion

On Thu, 2015-06-25 at 01:44 -0400, Brian M. Waters wrote:
> Assuming the D-Link is doing its own NAT and DHCP, you could try
> something like the following, which will turn your Linux box into a
> basic router but leave that other stuff up to the D-Link:
>
> First go into /etc/network/interfaces and set it so that NetworkManager
> doesn't try to manage eth0 (I don't remember the syntax; check "man
> interfaces" or Google it). You may have to restart NetworkManager after
> this or just reboot.
>
> Enable IP forwarding with
>     sysctl -w net.ipv4.ip_forward=1
> Make this permanent by adding
>     "net.ipv4.ip_forward = 1" to /etc/sysctl.conf
>
> And give eth0 an unused /30, like this (any unused range will do):
>     ifconfig eth0 10.0.0.1/30
>     ifconfig eth0 up
> Again, you can make this permanent by editing /etc/network/interfaces.
>
> Then, sign onto the D-Link and set the WAN interface to use the other
> side of the /30, which would be 10.0.0.2/30 in this case, or if it
> doesn't take CIDR notation the subnet mask would be 255.255.255.252.
> Since the D-Link won't be getting its WAN config from DHCP anymore,
> you'll probably also have to specify a DNS server for it to use.
> 8.8.8.8 and 8.8.4.4 are good options that are run by Google.
>
> You may also have to mess around with iptables if it's blocking
> anything. "iptables -F" and "iptables -t nat -F" will clear everything
> for troubleshooting purposes.
>
> There may be some packages to automate some of this in the
> Debian/Ubuntu/Mint repos, but I don't know about any of them. The above
> is how I would do it personally; your mileage may vary.
>
> Let me know if you've got any questions,
>
> BW
>
> On Thu, 25 Jun 2015 00:05:02 -0400
> "Rion D'Luz" <[email protected]> wrote:
>
> > Greeting Group!
> >
> > I feel awkward asking, but my synapses are at the
> > point of melting from being overloaded by SERPs
> > and my older notes on subject.
> >
> > Here's my thing:
> >
> > A DLS modem on a 192.168.1/24 sub-net
> > (and a wifi antenna with very limited range)
> >
> > One (cheap) POWERLINK Outdoor Plus PL-2712N antenna
> > connected via USB to a host (running LM17) 100+ yards
> > away. Wlan0, rt2800 drivers, NM/nmcli (with static IP's, not managed).
> >
> > Also connected to that little host thru eth0 is a DLink
> > router (172.68.0/24) that I want to utilize for wifi (DMZ) access.
> >
> > So, since this is ubuntu-based (trusty), I peered into a
> > looking glass of ICS, ad-hoc, nat'ing and/or bridging
> > using shorewall/iptables,
> >
> > I've explored apps like firestarter and hostap,
> > even 'ubuntu router.tar' (who puts spaces in fnames?)
> >
> > I'm looking for a KISS:)
> >
> > I'm not sure about configuring the DLink, to connect to
> > LAN port for setting then switch to WAN port for use
> > (which is what i did); but apart from that, all i
> > want is a pass-thru from eth0 to/from wlan0.
> >
> > Acting only as a firewall, i don't see a need
> > for ad-hoc'ing or dns/dnsmasq.
> >
> > Any suggestions?
> >
> > P.S.
> > I also have a few 'keep-alive' scripts to deal with wlan0 getting
> > disconnected; from triggering a re-plug of the device to
> > a modprobe [-r] reset of drivers, to a net re-set. Another topic, but
> > udev/udevadmin, fping in cronjob, anybody have a favorite?
> >
> > TIA
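A forwarding ruleset for the setup discussed in this thread, as an added example that is not part of either poster's message: it keeps FORWARD at default-drop rather than leaving the tables flushed, masquerades on the uplink, and flags a LAN range outside RFC 1918 space (172.68.0.0/24 lies outside 172.16.0.0/12). The function names are hypothetical; the interface names and the 10.0.0.0/30 range are the ones used in the thread.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are made up here.

# is_rfc1918 ADDR[/LEN]: succeed if ADDR starts in RFC 1918 private space
# (10/8, 172.16/12, 192.168/16). Only the first two octets are inspected.
is_rfc1918() {
    o1=${1%%.*}; rest=${1#*.}; o2=${rest%%.*}
    case "$o1.$o2" in *[!0-9.]*|.*|*.) return 1 ;; esac
    case $o1 in
        10)  return 0 ;;
        172) [ "$o2" -ge 16 ] && [ "$o2" -le 31 ] ;;
        192) [ "$o2" -eq 168 ] ;;
        *)   return 1 ;;
    esac
}

# gen_ruleset LAN_IF WAN_IF LAN_NET: print an iptables-restore ruleset that
# forwards new connections from LAN_NET out WAN_IF, lets replies back in,
# and drops every other forwarded packet. INPUT/OUTPUT are left at ACCEPT;
# filtering traffic to the host itself is outside this sketch.
gen_ruleset() {
    lan_if=$1 wan_if=$2 lan_net=$3
    is_rfc1918 "$lan_net" ||
        echo "# WARNING: $lan_net is not RFC 1918 private space"
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -m conntrack --ctstate NEW -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
EOF
}

# Values from the thread: D-Link WAN side on eth0 (10.0.0.0/30), uplink wlan0.
# Pipe the output into "iptables-restore --test" to parse it without loading.
gen_ruleset eth0 wlan0 10.0.0.0/30
```

The MASQUERADE rule is there because the upstream modem has no route back to the /30 unless one is added on it by hand.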
