wlan2eth/bridge/nat/nat-install.sh

199 lines
5.3 KiB
Bash
Executable File

#!/bin/bash
# https://raspberrypi.stackexchange.com/questions/88954/workaround-for-a-wifi-bridge-on-a-raspberry-pi-with-proxy-arp
# https://www.willhaley.com/blog/raspberry-pi-wifi-ethernet-bridge/
# ==============================================================================
# Config
SOURCE=${BASH_SOURCE[0]}
while [ -L "$SOURCE" ]; do
DIR=$(cd -P "$(dirname "$SOURCE")" >/dev/null 2>&1 && pwd)
SOURCE=$(readlink "$SOURCE")
[[ $SOURCE != /* ]] && SOURCE=$DIR/$SOURCE
done
DIR=$(cd -P "$(dirname "$SOURCE")" >/dev/null 2>&1 && pwd)
if [[ -f "$DIR/../../config/nat-config.sh" ]]; then
. "$DIR/../../config/nat-config.sh"
else
echo "$DIR/../../config/nat-config.sh missing!"
exit 1
fi
# ==============================================================================
# Setup
# Must be run as root
if [ "$(id -u)" -ne 0 ]; then
echo 'This script must be run as root.' >&2
exit 1
fi
echo -e "# PREPARE ENVIRONMENT #"
# Reset interfaces
iptables -X
iptables -F
iptables -t nat -X
iptables -t nat -F
echo "Erased all iptables rules."
ifconfig $WLAN_IFACE down
ifconfig $WLAN_IFACE hw ether $(ethtool -P $WLAN_IFACE | awk '{print $3}')
ifconfig $WLAN_IFACE up
echo "Reset the $WLAN_IFACE WiFi interface."
while true; do
WLAN_IFACE_IP=$(ip -4 -br addr show $WLAN_IFACE | grep -Po "\\d+\\.\\d+\\.\\d+\\.\\d+")
if [ -n "${WLAN_IFACE_IP}" ]; then
echo "Got it!"
break
fi
echo "Waiting for $WLAN_IFACE to get an IP..."
sleep 5
done
# Stop dnsmasq and restore systemd-resolved so we can avoid any DNS issues
systemctl stop dnsmasq
echo "Stopped dnsmasq."
systemctl start systemd-resolved
echo "Started systemd-resolved."
# We only need to get the $WLAN_IFACE IP address and will copy it over to $ETH_IFACE later
WLAN_NETMASK=$(ip addr show $WLAN_IFACE | grep -w inet | awk '{print $2}' | cut -d'/' -f2)
WLAN_NETMASK_CIDR=$(ip addr show $WLAN_IFACE | grep -w inet | awk '{print $2}' | cut -d'/' -f2)
if $NON_INTERACTIVE; then
NON_INTERACTIVE_APT="-y"
else
NON_INTERACTIVE_APT=""
fi
# ==============================================================================
# Install stuff
echo -e "\n# INSTALL THINGS #"
INSTALL_DIR="/opt/wlan2eth"
echo "Installing to $INSTALL_DIR"
if [ "$DIR" != "$INSTALL_DIR" ]; then
if ! $NON_INTERACTIVE; then
echo -e "\nGoing to copy $DIR to $INSTALL_DIR"
read -p "Press ENTER to continue or CTRL+C to cancel..."
fi
echo "Copying files..."
mkdir -p "$INSTALL_DIR"
cp -r "$DIR"/* "$INSTALL_DIR"
chown -R root:root /opt/wlan2eth
else
echo "We are already in $INSTALL_DIR, not copying files."
fi
echo -e "Upgrading...\n"
apt-get update
apt-get upgrade $NON_INTERACTIVE_APT
echo -e "\n"
THINGS_TO_INSTALL="net-tools ethtool dnsmasq openssh-server"
if ! $NON_INTERACTIVE; then
echo "Going to install: $THINGS_TO_INSTALL"
read -p "Press ENTER to continue or CTRL+C to cancel..."
fi
echo -e "\n"
apt-get install $NON_INTERACTIVE_APT $THINGS_TO_INSTALL
echo -e "\nStarting dnsmasq..."
sudo systemctl stop dnsmasq
sudo systemctl disable dnsmasq
if ! $NON_INTERACTIVE; then
echo -e "\nGoing to replace networking with systemd-networkd."
read -p "Press ENTER to continue or CTRL+C to cancel..."
fi
apt-get autoremove --purge $NON_INTERACTIVE_APT ifupdown dhcpcd5 isc-dhcp-client isc-dhcp-common
echo -e "\n\nConnecting to WiFi..."
WPA_SUPP_FILE="/etc/wpa_supplicant/wpa_supplicant-$WLAN_IFACE.conf"
cat >"$WPA_SUPP_FILE" <<EOF
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=USifconfig $WLAN_IFACE
network={
ssid="$WIFI_SSID"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
identity="$WIFI_USERNAME"
password="$WIFI_PWD"
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}
EOF
chmod 600 "$WPA_SUPP_FILE"
echo "Created wpa_supplicant: $WPA_SUPP_FILE"
systemctl disable wpa_supplicant.service
systemctl stop wpa_supplicant.service
systemctl enable --now wpa_supplicant@$WLAN_IFACE.service
systemctl status --no-pager wpa_supplicant@$WLAN_IFACE.service
echo ""
ifconfig $WLAN_IFACE
echo -e "\n"
NET_CONF_FILE="/etc/systemd/network/08-$WLAN_IFACE.network"
cat >"$NET_CONF_FILE" <<EOF
[Match]
Name=$WLAN_IFACE
[Network]
IPForward=yes
DHCP=yes
EOF
echo "Created network config for the $WLAN_IFACE WiFi interface."
echo -e "Finishing systemd-networkd install...\n"
apt-get install $NON_INTERACTIVE_APT libnss-resolve
ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
systemctl enable --now systemd-resolved.service
systemctl restart systemd-networkd.service
# echo -e "\n\nInstall complete! Ignore any service errors for now..."
sed -i'' 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
sysctl -p /etc/sysctl.conf
echo "Set net.ipv4.ip_forward=1 in /etc/sysctl.conf"
mkdir -p /var/lib/dnsmasq/
echo "Created /var/lib/dnsmasq/"
# Set up the SSH server. The port number may change and we won't always
# know what it used to be, so just remove all lines starting with "Port "
sed -i '/^Port /d' /etc/ssh/sshd_config
echo "Port $ROUTER_SSH_PORT" >> /etc/ssh/sshd_config
systemctl restart ssh
systemctl enable --now ssh
echo "Set SSH server port to $ROUTER_SSH_PORT"
echo ""
systemctl status --no-pager ssh
echo ""
echo -e "Installing the wlan2eth systemd service..."
cp "$DIR/wlan2eth.service" /etc/systemd/system/
systemctl daemon-reload
systemctl enable --now wlan2eth
echo ""
systemctl status --no-pager wlan2eth
echo -e "\n==============\nDone!\nNow reboot!"