树莓派网络环境配置(Wire+STA+AP)

玩转树莓派

树莓派网络配置

raspberry pi不同系统版本的网络配置方法略有不同，需要阅读官方文档，针对具体的版本进行配置，
以下设置针对stretch版本，其他版本未作测试

需求

• 有线接入公网
• 无线wlan0 作为STA
• 无线wlan1 作为AP，提供无线热点

  有线网络

  树莓派接入有线网络，默认DHCP获取地址，这里配置static ip，方便后续维护管理
• edit dhcpcd.conf

vim /etc/dhcpcd.conf

在文件末尾添加以下内容,重启树莓派即可

#static IP configuration
interface eth0
static ip_address=192.168.0.105/24
static routers=192.168.0.1
static domain_name_servers=192.168.0.1

无线网络

• USB无线网卡
  由于树莓派2B没有板载无线芯片，这里使用usb wireless dongle来实现，推荐使用免驱的USB dongle，可在树莓派的USB dongle支持列表里查看https://elinux.org/RPi_USB_Wi-Fi_Adapters
  无线网卡均支持STA模式，AP模式是否支持可从https://wireless.wiki.kernel.org/en/users/drivers查看
  将两张USB dongle 插入树莓派的USB端口，查看型号

  pi@raspberrypi:~ $ lsusb
  Bus 001 Device 006: ID 0bda:8179 Realtek Semiconductor Corp. RTL8188EUS 802.11n Wireless Network Adapter
  Bus 001 Device 005: ID 258a:001a
  Bus 001 Device 007: ID 093a:2532 Pixart Imaging, Inc.
  Bus 001 Device 004: ID 0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n WLAN Adapter
  Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp. SMSC9512/9514 Fast Ethernet Adapter
  Bus 001 Device 002: ID 0424:9514 Standard Microsystems Corp. SMC9514 Hub
  Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

可见两款USB dongle的型号分别为RTL8188EUS和RTL8188CUS，都是RealTek的，官方文档表示该型号AP功能未测试，那么接下来我便实测一下
Tips

树莓派在系统启动时会随机为无线网卡分配设备接口号，也就是两块USB Dongle的设备名 wlan0和wlan1会随机swap，但这并不影响使用

wlan0 STA设置

• 配置 /etc/network/interfaces
  在改文件里添加以下内容

  allow-hotplug wlan0
  iface wlan0 inet manual
  pre-up wpa_supplicant -B w -D wext -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
  post-down killall -q wpa_supplicant

• 配置 /etc/wpa_supplicant/wpa_supplicant.conf

  country=GB
  ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
  update_config=1
  
  network={
      ssid="xxxxxx"
      psk="xxxxxx"

其中ssid和psk分别表示无线网络名称和密码

• 配置 /etc/dhcpcd.conf
  在文件末尾添加以下内容

  interface wlan0
  static ip_address=192.168.0.116/24
  static routers=192.168.0.1
  static domain_name_servers=192.168.0.1

• 重启树莓派，查看wlan0接入网络是否成功

  pi@raspberrypi:~ $ ifconfig wlan0
  wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
          inet 192.168.0.116  netmask 255.255.255.0  broadcast 192.168.0.255
          inet6 fe80::b80e:3e12:3882:fa4d  prefixlen 64  scopeid 0x20<link>
          ether 00:13:ef:81:00:0b  txqueuelen 1000  (Ethernet)
          RX packets 3064  bytes 524906 (512.6 KiB)
          RX errors 0  dropped 44  overruns 0  frame 0
          TX packets 46  bytes 6094 (5.9 KiB)
          TX errors 0  dropped 3 overruns 0  carrier 0  collisions 0

可见wlan0已经分配地址192.168.0.116，wlan0作为STA设置完成

wlan1 AP设置

• 准备工作
  安装需要的软件包
  hostapd—支持无线网卡作为无线热点使用
  dnsmasq— 提供DHCP和DNS服务

  sudo apt-get install hostapd dnsmasq

• 修改/etc/dhcpcd.conf
  禁止wlan1 DHCP功能，将其修改为静态ip地址，这个地址将做为后续我们wifi热点的网关地址
  在/etc/dhcpcd.conf末尾添加以下内容

  interface wlan1
  static ip_address=192.168.2.1/24

• 配置 /etc/network/interfaces
  在文件结尾添加以下内容

  allow-hotplug wlan1
  iface wlan1 inet manual

• 重启dhcp服务和wlan1无线网卡配置

  sudo service dhcpcd restart
  sudo ifdown wlan1
  sudo ifup   wlan

• 配置hostapd

  sudo vim etc/hostapd/hostapd.conf
  
  interface=wlan1
  driver=nl80211
  ssid=TP-LINK_1112_hot
  hw_mode=g
  channel=6
  wmm_enabled=1
  macaddr_acl=0
  auth_algs=1
  ignore_broadcast_ssid=0
  wpa=2
  wpa_passphrase=asdfghjkl_123
  wpa_key_mgmt=WPA-PSK
  rsn_pairwise=CCMP

运行以下命令

sudo /usr/sbin/hostapd /etc/hostapd/hostapd.conf

Configuration file: /etc/hostapd/hostapd.conf
Using interface wlan1 with hwaddr 00:13:ef:62:0b:ef and ssid "TP-LINK_1112_hot"
wlan1: interface state UNINITIALIZED->ENABLED
wlan1: AP-ENABLED

wlan1: AP-ENABLED表明配置成功

配置hostapd为自启动模式

sudo vim /etc/default/hostapd

将DAEMON_CONF 修改为DAEMON_CONF=”/etc/hostapd/hostapd.conf”

• 配置DNSMASQ
  为了实现上网功能，需要对DNSMASQ服务进行配置，首先备份一下系统默认的文件，然后创建一个新的配置文件

  sudo mv /etc/dnsmasq.conf/etc/bak_dnsmasq.conf
  sudo vim /etc/dnsmasq.conf
  
  interface=wlan0
  
  bind-interfaces
  
  server=218.2.2.2
  
  server=114.114.114.114
  
  server=8.8.8.8
  
  domain-needed
  
  bogus-priv
  
  dhcp-range=192.168.2.2,192.168.2.254,12h

• 设置IPV4内核转发
  打开系统配置文件sysctl.conf,将IPV4转发那一行的#去掉

  net.ipv4.ip_forward=1

下一次重启后会生效，如果不想现在重启，可以直接输入如下指令直接生效

sudo sh -c "echo 1 >/proc/sys/net/ipv4/ip_forward"

• 防火墙设置
  为了实现树莓派以太网接口共享给wlan1上网，需要配置NAT，需先执行如下防火墙命令

  sudo iptables -F
  sudo iptables -X
  sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  sudo iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
  sudo iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT
  sudo bash -c iptables-save > /etc/etc/iptables.ipv4.nat

编辑sudo vim /etc/network/if-pre-up.d/iptables
添加下面两行代码：

#!/bin/bash
/sbin/iptables-restore < /etc/iptables.ipv4.nat

sudo chmod 755 /etc/network/if-pre-up.d/iptables

• 通过获取DHCPCD来运行NAT需要创建一个新文件

  sudo touch /lib/dhcpcd/dhcpcd-hooks/70-ipv4-nat

• 重启服务：

  sudo service hostapd start
  sudo service dnsmasq start
  sudo reboot

测试

重启树莓派后，输入ifconfig，得到以下结果

pi@raspberrypi:~ $ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.106  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::216c:c891:56cf:67  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:b3:69:7e  txqueuelen 1000  (Ethernet)
        RX packets 69  bytes 6676 (6.5 KiB)
        RX errors 0  dropped 1  overruns 0  frame 0
        TX packets 199  bytes 34379 (33.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 36  bytes 5308 (5.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 36  bytes 5308 (5.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.116  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::b80e:3e12:3882:fa4d  prefixlen 64  scopeid 0x20<link>
        ether 00:13:ef:81:00:0b  txqueuelen 1000  (Ethernet)
        RX packets 281  bytes 46958 (45.8 KiB)
        RX errors 0  dropped 445  overruns 0  frame 0
        TX packets 45  bytes 6194 (6.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.2.1  netmask 255.255.255.0  broadcast 192.168.2.255
        inet6 fe80::f6ba:c0c:8aa6:1285  prefixlen 64  scopeid 0x20<link>
        ether 00:13:ef:62:0b:ef  txqueuelen 1000  (Ethernet)
        RX packets 113  bytes 7493 (7.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 32  bytes 3980 (3.8 KiB)
        TX errors 0  dropped 5 overruns 0  carrier 0  collisions 0

eth0 wlan0 wlan1均已正常工作，good job！

但是用手机搜索热点，并没有找到SSID 为TP-LINK_1112_hot一项
查看进程

ps -aux | grep hostapd

root       444  0.0  0.1   6168  1868 ?        Ss   00:12   0:00 /usr/sbin/hostapd -B -P /run/hostapd.pid /etc/hostapd/hostapd.conf
pi         959  0.0  0.0   6200   564 pts/0    S+   00:18   0:00 grep --color=auto hostapd

hostapd已经启动，重启试试

sudo /usr/sbin/hostapd /etc/hostapd/hostapd.conf

Configuration file: /etc/hostapd/hostapd.conf
Using interface wlan1 with hwaddr 00:13:ef:62:0b:ef and ssid "TP-LINK_1112_hot"
wlan1: interface state UNINITIALIZED->ENABLED
wlan1: AP-ENABLED

重启后手机可以搜索到这个热点，但是拿不到ip
ps查看是未启动dnsmasq服务
重启dnsmasq

sudo service dnsmasq start

现在手机可以连接到热点了，但是上不了网

重新配置防火墙

sudo iptables -F
sudo iptables -X
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT

现在手机终于可以上网了

可以写个脚本，将这三项需要手动启动的项目开机自动启动

sudo vim startHot.sh

#!/bin/sh
iptables -F
iptables -X
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT

service dnsmasq start

/usr/sbin/hostapd /etc/hostapd/hostapd.conf

编写开机自启脚本

#BEGIN INIT INFO
# Provides:          tightvncserver
# Required-Start:    $local_fs
# Required-Stop:     $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start/stop tightvncserver
### END INIT INFO

# More details see:
# http://www.penguintutor.com/linux/tightvnc

### Customize this entry
# Set the USER variable to the name of the user to start tightvncserver under
export USER='pi'
### End customization required

eval cd ~$USER

case "$1" in
  start)
    su $USER -c '/etc/init.d/startHot >/dev/null'
    echo "Starting hotserver server for $USER "
    ;;
  stop)
    su $USER -c '/etc/init.d/startHot -kill :1'
    echo "hotserver stopped"
    ;;
  *)
    echo "Usage: /etc/init.d/hotserver {start|stop}"
    exit 1
    ;;
esac
exit 0

注册开机启动
sudo update-rc.d hotserver defaults

可是重启后并没有启动，应该是树莓派使用systemctl这种新型的服务启动方式了，暂时不折腾了
直接手动启动脚本吧

sudo startHot >/dev/null 2&>1 &

OK,热点已经启动，手机连接可以正常上网。

这里使用eth0->wlan1转发的，也可以配置防火墙，让wlan0->wlan1转发，就可以拔掉树莓派的网线啦！