RE: Need advice on Debian Hotspot

Thu, 15 Sep 2005 13:19:33 -0700 

> Greetings,
>
> I want to set up a local wifi hotspot. I've got a decent
> cable internet
> connection to feed it, a small switch to connect everything,
> the access
> points, cabling, and I've just purchased an inexpensive box
> to use as the
> server for the whole project. Naturally, I want to use Debian for the
> server OS, because of apt's ease of management.

This is what I do.

eth0 is WAN and eth1 is LAN.
This works like a charm.
Just put it in /etc/init.d/whatever
cd /etc/init.d/
update-rc.d whatever defaults

TADAA!!

#!/bin/sh
iptables -F; iptables -t nat -F; iptables -t mangle -F
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT
iptables -P INPUT DROP

iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 80 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 113 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 21 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 25 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 1194 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 1194 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 110 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 8000 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 8001 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 8001 -j ACCEPT



then set the DHCP to have knowledge of the both networks.
dhcpd
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.10 192.168.0.30;
  option broadcast-address 192.168.0.30;
  option domain-name "dns.domain.nameHere";
  option domain-name-servers your.dns.isp.address;
  option routers 192.168.0.1;
}

# The other subnet that shares this physical network (eth0?)
 subnet your.network.here.0 netmask 255.255.255.0 {
  option broadcast-address your.broad.add.here;
  option routers your.defaul.gateway.here;
}


Set the stuff under /etc/networking/interfaces

dammed, I spoiled the fun of this.

(I DUNNO HOW TO MAKE THE USERS TO GO INTO A HTTP BEFORE USING ANYTHIGN ELSE
BEFORE. HOW IS THAT?)

.Alejandro


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to