Fix network & add docs

https://askubuntu.com/questions/62166/siocsifflags-operation-not-possible-due-to-rf-kill http://alexkutsan.blogspot.com/2012/03/siocsifflags-operation-not-possible-due.html http://dragonflybsd.blogspot.com/2013/10/debian-allow-hotplug-auto.html https://forum.ubuntu.ru/index.php?topic=297273.0
urpylka · Nov 24, 2020 · 5a6df62 · 5a6df62
1 parent e82982a
commit 5a6df62
Show file tree

Hide file tree

Showing 6 changed files with 53 additions and 78 deletions.
diff --git a/assets/make-setup.sh b/assets/make-setup.sh
@@ -6,25 +6,6 @@ set -e # Exit immidiately on non-zero result
 systemctl disable wpa_supplicant
 systemctl disable dhcpcd
 
-# Настройка NAT (если нужен интернет)
-# sudo nano /etc/sysctl.conf
-# Найдем и раскомментируем строку net.ipv4.ip_forward=1
-# Сохраняем и закрываем файл.
-
-# Далее, создадим правила iptables для организации раздачи интернет.
-
-# Выполним в терминале:
-# sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
-# sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-# sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
-# sudo sh -c "iptables-save > /etc/iptables.rules"
-
-# Добавим в автозагрузку правила iptables: sudo nano /etc/rc.local
-# Идем в самый конец файла и перед exit 0 добавим строку:iptables-restore < /etc/iptables.rules
-
-SCRIPT="sudo /root/iptables.sh"
-sed -i "20a${SCRIPT}" /etc/rc.local
-
 mkdir /var/log/dnsmasq
 touch /var/log/dnsmasq/dnsmasq.leases
 

diff --git a/assets/network/interfaces.conf b/assets/network/interfaces.conf
@@ -5,51 +5,46 @@ source-directory /etc/network/interfaces.d
 
 auto lo
 iface lo inet loopback
-# pre-up sh -c `echo 1 > /proc/sys/net/ipv4/ip_forward`
-# It doesn't work
 
 auto eth0
 allow-hotplug eth0
 iface eth0 inet manual
 
 # iface eth0 inet dhcp
-#     post-up sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
-#     post-up iptables -A FORWARD -i br0 -o eth0 -j ACCEPT
-#     post-up iptables -A FORWARD -i eth0 -o br0 -j ACCEPT
-#     post-up iptables -A POSTROUTING -o eth0 -t nat -j MASQUERADE
+# post-up sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
+# post-up iptables -A FORWARD -i br0 -o eth0 -j ACCEPT
+# post-up iptables -A FORWARD -i eth0 -o br0 -j ACCEPT
+# post-up iptables -A POSTROUTING -o eth0 -t nat -j MASQUERADE
 
 auto wlan0
 allow-hotplug wlan0
 iface wlan0 inet manual
+pre-up rfkill unblock wifi
 
 auto br0
 iface br0 inet static
-    address 192.168.11.1
-    netword 192.168.11.0
-    netmask 255.255.255.0
-    gateway 192.168.11.1
-	broadcast 192.168.11.255
-# wlan0 is not needed because use bridge=wlan0 in /etc/hostapd/hostapd.conf
-    # bridge_ports eth0
-#    post-up ip addr flush dev br0
-#    pre-up ip addr flush dev br0
-#    post-up iptables -A FORWARD -i br0 -o eth1 -j ACCEPT
-#    post-up iptables -A FORWARD -i eth1 -o br0 -j ACCEPT
-#    post-up iptables -A POSTROUTING -o eth1 -t nat -j MASQERADE
-
-# мб этот скрипт нужно ставить не в отдельной секции, а вообще в файле?
-# pre-up iptables-restore < /etc/ppp/ip-up.d/iptables.rules
-
-auto eth1
+address 192.168.11.1
+netword 192.168.11.0
+netmask 255.255.255.0
+# gateway 192.168.11.1
+broadcast 192.168.11.255
+bridge_ports eth0
+# wlan0 isn't set because is used bridge=wlan0 in /etc/hostapd/hostapd.conf
+bridge_stp off
+bridge_fd 0
+bridge_maxwait 0
+
 allow-hotplug eth1
+no-auto-down eth1
 iface eth1 inet dhcp
-    post-up sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
-    post-up iptables -A FORWARD -i br0 -o eth1 -j ACCEPT
-    post-up iptables -A FORWARD -i eth1 -o br0 -j ACCEPT
-    post-up iptables -A POSTROUTING -o eth1 -t nat -j MASQUERADE
-
-#auto tun0
-#iface tun0 inet manual
-#    pre-up route del -net 0.0.0.0/1
-#    pre-up route del -net 128.0.0.0/1
-#    pre-up route del -host 255.255.255.0
+# /etc/sysctl.conf ipv4.ip_forward=1
+post-up sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
+post-up iptables -A FORWARD -i br0 -o eth1 -j ACCEPT
+post-up iptables -A FORWARD -i eth1 -o br0 -j ACCEPT
+post-up iptables -A POSTROUTING -o eth1 -t nat -j MASQUERADE
+
+allow-hotplug tun0
+iface tun0 inet manual
+pre-up route del -net 0.0.0.0/1
+pre-up route del -net 128.0.0.0/1
+pre-up route del -host 255.255.255.0
diff --git a/assets/network/iptables.sh b/assets/network/iptables.sh
diff --git a/build.sh b/build.sh
@@ -45,7 +45,6 @@ EXEC '/make-init.sh' "\${PROJECT}" "\${IMAGE_VERSION}" "\${IMAGE_SOURCE}"
 EXEC '/make-install.sh'
 
 COPY '/network/interfaces.conf' '/etc/network/interfaces'
-COPY '/network/iptables.sh' '/root/'
 COPY '/network/hostapd.conf' '/etc/hostapd/hostapd.conf'
 COPY '/network/dnsmasq.conf' '/etc/dnsmasq.conf'
 

diff --git a/docs/README.md b/docs/README.md
@@ -21,3 +21,7 @@ Image version is used in the name of image and you can check it inside image in
 To set own version of the image you can set `IMAGE_VERSION` before run `./build.sh`. Otherwise will be used 7 digits of the last commit in the repo.
 
 > In Github Actions is used the tag or the branch name provided by `github.ref` env variable.
+
+## Documentation
+
+* [Network](/docs/network.md)
diff --git a/docs/network.md b/docs/network.md
@@ -0,0 +1,21 @@
+# Network
+
+Default network is setup as router.
+
+`wlan0` and `eth0` is combined by bridge-utils to `br0`.
+
+And if you connect USB external network card or cell modem `eth1` will nated to `br0`.
+
+> dhcp client works on `eth1`.
+
+There is `dnsmasq`. It works in `br0` network.
+
+The network has `192.168.11.0/24` addressing with `192.168.11.1` gateway. Also you can use domain name that equals the project name (by default `theimage`).
+
+There is `hostapd`. It provide Wi-Fi AP. It's called `project-1234`.
+
+Settings place in three files:
+
+1. `/etc/dnsmasq.conf`
+2. `/etc/hostapd/hostapd.conf`
+3. `/etc/network/interfaces`