我正在尝试以非标准方式配置 Linux 盒子上的 wifi 和以太网端口。我以前从未接触过这种东西,所以请原谅我的天真。我基本上只是先通过 YOLO 进入文档头,并已经取得了很大的进展并让它发挥作用。但仍然存在一些奇怪的地方,我不完全理解它为什么有效。因此,如果可以的话,我想完整地描述这一点,然后任何有更多知识的人请纠正我并解释我哪里做错了。
我有一台迷你电脑,有 2 个以太网端口和 1 个 wifi。我正在尝试对其进行配置,以便互联网通过一个以太网端口进入,然后通过 WIFI 和另一个以太网端口广播出去。基本上将其配置为像 WiFi 路由器一样工作。
所以。
这是我的 /etc/netplan/01-network-manager-all.yaml
network:
version: 2
renderer: networkd
ethernets:
enp0s31f6:
dhcp4: true
enp1s0:
addresses:
- 192.168.2.1/24
dhcp4: false
nameservers:
addresses:
- 8.8.8.8
- 8.8.4.4
search: []
wlp2s0:
addresses:
- 10.42.0.1/24
dhcp4: false
nameservers:
addresses:
- 8.8.8.8
- 8.8.4.4
search: []
bridges:
br0:
interfaces: [enp0s31f6, enp1s0, wlp2s0]
dhcp4: true
addresses:
- 100.80.0.1/24
parameters:
stp: false
forward-delay: 0
这是我的/etc/default/dhcpd.conf
INTERFACES="enp1s0 wlp2s0"
这是我的/etc/dhcp/dhcpd.conf
option domain-name "whatever.you.want";
option domain-name-servers 8.8.8.8, 8.8.4.4;
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
authoritative;
log-facility local7;
subnet 10.42.0.1 netmask 255.255.255.0 {
range 10.42.0.101 10.42.0.200;
option subnet-mask 255.255.255.0;
option routers 10.42.0.1;
option broadcast-address 10.42.0.255;
}
subnet 100.80.0.1 netmask 255.255.255.0 {
range 100.80.0.101 100.80.0.200;
option subnet-mask 255.255.255.0;
option routers 100.80.0.1;
option broadcast-address 100.80.0.255;
}
subnet 192.168.2.1 netmask 255.255.255.0 {
range 192.168.2.101 192.168.2.200;
option subnet-mask 255.255.255.0;
option routers 192.168.2.1;
option broadcast-address 192.168.2.255;
}
我已经运行了所有正确的命令(我认为)
sudo netplan --debug generate
sudo netplan apply
sudo systemctl restart isc-dhcp-server
sudo systemctl enable isc-dhcp-server
sudo systemctl status isc-dhcp-server
所以这有效。但我知道我可能做错了什么。它也有怪癖。随机似乎中断了几次,弹出了一个什么也没说的错误。此外,当我尝试将其插入某个 4G 热点时,它不起作用,但是该 4G 热点成功地将互联网传输到其他设备,它也可以从其他以太网源正常接收互联网。
那么这个配置正确吗?我如何更改这些文件以正确配置它?
也为了更好地衡量我的 ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 100.80.0.1 netmask 255.255.255.0 broadcast 100.80.0.255
inet6 fe80::14a8:83ff:fe5b:a89c prefixlen 64 scopeid 0x20<link>
ether 16:a8:83:5b:a8:9c txqueuelen 1000 (Ethernet)
RX packets 666051 bytes 252795968 (252.7 MB)
RX errors 0 dropped 59 overruns 0 frame 0
TX packets 127129 bytes 14963222 (14.9 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s31f6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:01:2e:84:6a:13 txqueuelen 1000 (Ethernet)
RX packets 691307 bytes 261567317 (261.5 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 242102 bytes 38886894 (38.8 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16 memory 0xdf300000-df320000
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255
ether 00:01:2e:84:6a:14 txqueuelen 1000 (Ethernet)
RX packets 111556 bytes 21621626 (21.6 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 523333 bytes 80568249 (80.5 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 11909999 bytes 4519986237 (4.5 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 11909999 bytes 4519986237 (4.5 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.42.0.1 netmask 255.255.255.0 broadcast 10.42.0.255
ether 00:24:d6:fc:f5:e9 txqueuelen 1000 (Ethernet)
RX packets 87180 bytes 10348796 (10.3 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 134948 bytes 148087795 (148.0 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
答案1
要将您的设备用作路由器(从客户端的角度来看,该设备将是其默认网关),您将需要以下配置设置:
将想要通过路由器设备访问互联网的设备设置为使用该设备作为默认网关。如果他们从该设备获取 DHCP,则可以将其作为 DHCP 选项传入。否则,您需要在设备本身上添加此路由。使用以下命令检查它们的路由表
ip
:$ ip route show default via 172.31.100.1 dev eno2 proto static ...
您应该看到路由器主机的地址作为其默认网关路由。
在路由器主机上启用转发:
$ echo 1 > /proc/sys/net/ipv4/ip_forward
设置从
eth0
“ LAN”适配器eth1
到“WAN”适配器的路由:eth0
eth1
iptables -t nat -I POSTROUTING -o eth1 -j MASQUERADE iptables -I FORWARD -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -I FORWARD -i eth1 -j ACCEPT
测试。
要删除这些设置:
iptables -t nat -D POSTROUTING -o eth1 -j MASQUERADE iptables -D FORWARD -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -D FORWARD -i eth1 -j ACCEPT echo 0 > /proc/sys/net/ipv4/ip_forward
所有这些命令都需要以超级用户身份运行。