Estou tendo problemas para configurar uma ponte para meu raspberry pi.
Minha configuração é:
Eu tenho um laptop rodando a estação de trabalho fedora 27 que está conectada à internet por wifi. Eu tenho um Raspberry Pi Zero W que está conectado ao meu laptop via usb(e apenas usb, sem energia externa, sem ethernet, nada).
Eu atualizei a imagem stretch lite para o meu pi e instalei P4wnP1a partir daqui: https://github.com/mame82/P4wnP1
Antes de instalar P4wnP1meu pi tinha um endereço aleatório 169.254.xxx.xxx, é por isso que mudei o ip da minha interface usb ethernet para um adequado sub-rede para ssho pi. Depois de um tempo, descobri a configuração certa para colocar meu pi online e baixar o git para clonar o repositório.
Depois que executei install.she reiniciei o pi, o pi tinha um endereço IP estático 172.16.0.1. E tentei a mesma coisa para colocá-lo online, mudei o ip da minha interface, ssh para pi, configurei o gateway para minha máquina fedora.
Mas não consigo obter o pi online.
Provavelmente devo mencionar aqui que habilitei "compartilhar conexão com outros computadores" network managere também tentei muitas coisas com iptableso , mas não consigo fazê-lo funcionar.
Passei os últimos 3 dias tentando descobrir, mas não tive sucesso.
aqui está o meu ifconfig no meu fedora:
$ ifconfig
enp0s20f0u6i1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.0.2 netmask 255.255.0.0 broadcast 172.16.255.255
inet6 fe80::f7f7:80c:8a15:5771 prefixlen 64 scopeid 0x20<link>
ether ee:98:9b:bc:37:ab txqueuelen 1000 (Ethernet)
RX packets 2687 bytes 186674 (182.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1648 bytes 176862 (172.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s31f6: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether c8:5b:76:6b:e4:90 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16 memory 0xf1200000-f1220000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 1982 bytes 177290 (173.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1982 bytes 177290 (173.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:08:e4:d3 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.106 netmask 255.255.255.0 broadcast 192.168.2.255
inet6 fe80::ebcf:d3b1:5a74:185e prefixlen 64 scopeid 0x20<link>
ether e4:a7:a0:99:2e:8d txqueuelen 1000 (Ethernet)
RX packets 135496 bytes 72791497 (69.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 51579 bytes 21450089 (20.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
aqui a enp0s20f06i3interface é aquela conectada ao pi. Antes de alterar seu endereço IP, ele tinha um 10.46.0.1endereço, que também é o mesmo endereço após a reinicialização.
aqui route -ndo meu pi
pi@MAME82-P4WNP1:~ $ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.16.0.2 0.0.0.0 UG 0 0 0 usb0
172.16.0.0 0.0.0.0 255.255.255.252 U 0 0 0 usb0
172.24.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
e o ifconfig do meu pi
pi@MAME82-P4WNP1:~ $ ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
usb0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.0.1 netmask 255.255.255.252 broadcast 172.16.0.3
inet6 fe80::cc4b:62ff:fe84:7df0 prefixlen 64 scopeid 0x20<link>
ether ce:4b:62:84:7d:f0 txqueuelen 1000 (Ethernet)
RX packets 1959 bytes 182340 (178.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3197 bytes 269463 (263.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.24.0.1 netmask 255.255.255.0 broadcast 172.24.0.255
inet6 fe80::ba27:ebff:fe5e:ceb7 prefixlen 64 scopeid 0x20<link>
ether b8:27:eb:5e:ce:b7 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14 bytes 1404 (1.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
e aqui route -nno meu fedora
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.2.1 0.0.0.0 UG 600 0 0 wlp4s0
172.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp0s20f0u6i1
192.168.2.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp4s0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
resolv.confno meu pi
pi@MAME82-P4WNP1:~ $ cat /etc/resolv.conf
# Generated by resolvconf
nameserver 10.46.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4
e /etc/network/interfacesno meu pi
pi@MAME82-P4WNP1:~ $ cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
dns-nameservers 8.8.8.8 8.8.4.4
auto usb0
iface usb0 inet manual
auto usb1
iface usb1 inet manual
finalmente iptablesestou no meu fedora, onde acho que o problema é:
$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
INPUT_direct all -- anywhere anywhere
INPUT_ZONES_SOURCE all -- anywhere anywhere
INPUT_ZONES all -- anywhere anywhere
DROP all -- anywhere anywhere ctstate INVALID
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 10.42.0.0/24 state RELATED,ESTABLISHED
ACCEPT all -- 10.42.0.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
FORWARD_direct all -- anywhere anywhere
FORWARD_IN_ZONES_SOURCE all -- anywhere anywhere
FORWARD_IN_ZONES all -- anywhere anywhere
FORWARD_OUT_ZONES_SOURCE all -- anywhere anywhere
FORWARD_OUT_ZONES all -- anywhere anywhere
DROP all -- anywhere anywhere ctstate INVALID
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:bootpc
OUTPUT_direct all -- anywhere anywhere
Chain FORWARD_IN_ZONES (1 references)
target prot opt source destination
FWDI_FedoraWorkstation all -- anywhere anywhere [goto]
FWDI_FedoraWorkstation all -- anywhere anywhere [goto]
FWDI_FedoraWorkstation all -- anywhere anywhere [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
target prot opt source destination
Chain FORWARD_OUT_ZONES (1 references)
target prot opt source destination
FWDO_FedoraWorkstation all -- anywhere anywhere [goto]
FWDO_FedoraWorkstation all -- anywhere anywhere [goto]
FWDO_FedoraWorkstation all -- anywhere anywhere [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target prot opt source destination
Chain FORWARD_direct (1 references)
target prot opt source destination
Chain FWDI_FedoraWorkstation (3 references)
target prot opt source destination
FWDI_FedoraWorkstation_log all -- anywhere anywhere
FWDI_FedoraWorkstation_deny all -- anywhere anywhere
FWDI_FedoraWorkstation_allow all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
Chain FWDI_FedoraWorkstation_allow (1 references)
target prot opt source destination
Chain FWDI_FedoraWorkstation_deny (1 references)
target prot opt source destination
Chain FWDI_FedoraWorkstation_log (1 references)
target prot opt source destination
Chain FWDO_FedoraWorkstation (3 references)
target prot opt source destination
FWDO_FedoraWorkstation_log all -- anywhere anywhere
FWDO_FedoraWorkstation_deny all -- anywhere anywhere
FWDO_FedoraWorkstation_allow all -- anywhere anywhere
Chain FWDO_FedoraWorkstation_allow (1 references)
target prot opt source destination
Chain FWDO_FedoraWorkstation_deny (1 references)
target prot opt source destination
Chain FWDO_FedoraWorkstation_log (1 references)
target prot opt source destination
Chain INPUT_ZONES (1 references)
target prot opt source destination
IN_FedoraWorkstation all -- anywhere anywhere [goto]
IN_FedoraWorkstation all -- anywhere anywhere [goto]
IN_FedoraWorkstation all -- anywhere anywhere [goto]
Chain INPUT_ZONES_SOURCE (1 references)
target prot opt source destination
Chain INPUT_direct (1 references)
target prot opt source destination
Chain IN_FedoraWorkstation (3 references)
target prot opt source destination
IN_FedoraWorkstation_log all -- anywhere anywhere
IN_FedoraWorkstation_deny all -- anywhere anywhere
IN_FedoraWorkstation_allow all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
Chain IN_FedoraWorkstation_allow (1 references)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns ctstate NEW
ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm ctstate NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW
ACCEPT udp -- anywhere anywhere udp dpts:blackjack:65535 ctstate NEW
ACCEPT tcp -- anywhere anywhere tcp dpts:blackjack:65535 ctstate NEW
Chain IN_FedoraWorkstation_deny (1 references)
target prot opt source destination
Chain IN_FedoraWorkstation_log (1 references)
target prot opt source destination
Chain OUTPUT_direct (1 references)
target prot opt source destination
Acho que preciso apenas adicionar as entradas adequadas, mas não consegui descobrir, pesquisei em muitos fóruns.
existe uma maneira de alterar as 10.46.0.0/24entradas para a 172.16.0.0/24rede?
porque minha interface tinha esse ip antes e se eu pudesse apenas trocar o ip nas regras eu estaria feito, certo?
Eu tentei sudo iptables -t nat -A POSTROUTING -o wlp4s0 -j MASQUERADEe também tentei definir as regras sozinho, porém não consigo definir minhas FORWARDregras de acordo.