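I am trying to build a home router based on Ubuntu Server 22, using a device with two Ethernet ports (enp2s0 and enp3s0) and WiFi (wlo2).

Everything is set up, and clients can connect to the router over WiFi (its IP address is 192.168.1.1) and obtain their IP addresses (192.168.1.11 and 192.168.1.12). But they cannot access the internet. Also, the clients can all ping each other, but pinging the router always fails.

I don't understand what to do, because no errors occur and DHCP and NAT work fine.

Configuration: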

/etc/netplan/00-installer-config.yaml

    network:
      version: 2
      renderer: networkd
      ethernets:
        enp2s0:
          ignore-carrier: true
          dhcp4: false
          optional: true
          addresses:
            - 192.168.1.2/24
        enp3s0:
          dhcp4: true
      wifis:
        wlo2:
          dhcp4: false
          addresses:
            - 192.168.1.1/24
          access-points:
            "TestNetwork":
              password: "myTestNetwork123"

/etc/dhcp/dhcpd.conf

    default-lease-time 600;
    max-lease-time 7200;
    subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.10 192.168.1.200;
        option domain-name-servers 8.8.8.8, 8.8.4.4;
        option routers 192.168.1.1;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.1.255;
        option ntp-servers 192.168.1.1;
    }

/etc/default/isc-dhcp-server

    INTERFACESv4="enp2s0 wlo2"
    INTERFACESv6=""

/etc/hostapd/hostapd.conf

    interface=wlo2
    driver=nl80211
    ssid=TestNetwork
    hw_mode=g
    channel=1
    wmm_enabled=0
    macaddr_acl=0
    auth_algs=1
    ignore_broadcast_ssid=0
    wpa=2
    wpa_passphrase=myTestNetwork123
    wpa_key_mgmt=WPA-PSK
    wpa_pairwise=TKIP
    rsn_pairwise=CCMP

/etc/default/hostapd

    DAEMON_CONF="/etc/hostapd/hostapd.conf"

Enabling traffic forwarding

    sudo echo 1 | tee /proc/sys/net/ipv4/ip_forward

/etc/iptables/rules.v4

    *filter
    -P INPUT DROP
    -P FORWARD DROP
    -P OUTPUT ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A OUTPUT -o lo -j ACCEPT
    -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p icmp -j ACCEPT
    -A FORWARD -I enp2s0 -o enp3s0 -j ACCEPT
    -A FORWARD -I wlo2 -o enp3s0 -j ACCEPT
    -A FORWARD -I enp3s0 -o enp2s0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A FORWARD -I enp3s0 -o wlo2 -m state --state RELATED,ESTABLISHED -j ACCEPT
    COMMIT
    *nat
    -A POSTROUTING -o $WAN_INTERFACE -j MASQUERADE
    COMMIT

Sysctl settings

    echo "net.ipv4.ip_forward=1" | tee /etc/sysctl.conf

All services are running normally. No errors were found.
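
An added example, not part of the original post: a small Python lint for a router configuration like the one above. It flags `-I` written where the in-interface match `-i` belongs, shell variables that `iptables-restore` does not expand, and interfaces configured in overlapping subnets. The embedded input is an excerpt of the posted files, and the function names are hypothetical.

```python
import ipaddress
import re

# Sample input: an excerpt of the rules.v4 posted above, embedded so this runs offline.
RULES_V4 = """\
*filter
-P FORWARD DROP
-A INPUT -p icmp -j ACCEPT
-A FORWARD -I wlo2 -o enp3s0 -j ACCEPT
-A FORWARD -I enp3s0 -o wlo2 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
*nat
-A POSTROUTING -o $WAN_INTERFACE -j MASQUERADE
COMMIT
"""
# Static addresses taken from the posted netplan file.
ADDRESSES = {"enp2s0": "192.168.1.2/24", "wlo2": "192.168.1.1/24"}


def lint_rules(text):
    """Return (line_number, message) findings for an iptables-restore file."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        tokens = line.split()
        if not tokens or tokens[0] not in ("-A", "-I"):
            continue  # table headers, policies and COMMIT are not rule lines
        # -i matches the input interface; -I is the "insert rule" command.
        if "-I" in tokens[1:]:
            findings.append((n, "'-I' used where '-i' (in-interface) belongs"))
        # iptables-restore performs no shell expansion, so $VAR stays literal.
        for tok in tokens:
            if re.fullmatch(r"\$\{?\w+\}?", tok):
                findings.append((n, f"unexpanded shell variable {tok}"))
    return findings


def overlapping_subnets(addresses):
    """Return sorted interface pairs whose configured networks overlap."""
    nets = {i: ipaddress.ip_interface(a).network for i, a in addresses.items()}
    names = sorted(nets)
    return [(a, b) for k, a in enumerate(names) for b in names[k + 1:]
            if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    for n, msg in lint_rules(RULES_V4):
        print(f"rules.v4 line {n}: {msg}")
    for a, b in overlapping_subnets(ADDRESSES):
        print(f"{a} and {b} are configured in overlapping subnets")
```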