Setting up WiFi Bridge Using Raspberry 4. WLAN TO ETH0

Requirement, Raspberry4, SD CARD, LAN CABLE,

Step1:- Need To Connect Screen, Keyboard, Mouse, To Raspberry Pi.

Step2:- open cmd

sudo su

nano /etc/wpa_supplicant/wpa_supplicant.conf

country=in

update_config=1

ctrl_interface=/var/run/wpa_supplicant

network={

ssid=”Hello”

psk=”12345678"

}

Change SSID, According To Your Network.If DHCP Provide IP Than OK

2.1:- If You Want To Go For Static IP Add WLAN IP Manually.

nano /etc/dhcpcd.conf

interface wlan0
static ip_address=192.168.1.194/24
static routers=192.168.1.224
static domain_name_servers=192.168.1.3 8.8.8.8

If Ip Is Provide By DHCP Than No Need Of Step 2.1.

Step3:- Install dnsmasq

apt-get update

apt-get upgrade

apt install dnsmasq

Step4:- Add Eth0 Ip & Save File

nano /etc/dhcpcd.conf

#Add Line In File

interface eth0

static ip_address=192.168.220.1/24

static routers=192.168.220.0

Step4:- Add Lines TO dnsmasq file

nano /etc/dnsmasq.conf

dhcp-mac=set:client_is_a_pi,B8:27:EB:*:*:*

dhcp-reply-delay=tag:client_is_a_pi,2

interface=eth0

listen-address=192.168.220.1

bind-interfaces

server=8.8.8.8

domain-needed

bogus-priv

dhcp-range=192.168.220.50,192.168.220.150,12h

Step5:-Uncomment Line from

nano /etc/sysctl.conf

Find:

#net.ipv4.ip_forward=1

Replace with:

net.ipv4.ip_forward=1

Step 6. Now since we don’t want to have to wait until the next reboot before the configuration is loaded in, we can run the following command to enable it immediately.

sudo sh -c “echo 1 > /proc/sys/net/ipv4/ip_forward”

Step 7. Now that IPv4 Forwarding is enabled we can reconfigure our firewall so that traffic is forwarded from our eth0 interface over to our wlan0 connection. Basically this means that anyone connecting to the ethernet will be able to utilize our wlan0 internet connection.

Run the following commands to add our new rules to the iptable:

sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
sudo iptables -A FORWARD -i wlan0 -o eth0 -m state — state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT

sudo ip route del 0/0 dev eth0 &> /dev/null
a=`route | awk “/${wlan}/”’{print $5+1;exit}’`
sudo route add -net default gw 192.168.220.1 netmask 0.0.0.0 dev eth0 metric $a

Note: If you get errors when entering the above lines simply reboot the Pi using sudo reboot.

Step 8. Of course iptables are flushed on every boot of the Raspberry Pi so we will need to save our new rules somewhere so they are loaded back in on every boot.

To save our new set of rules run the following command.

sudo sh -c “iptables-save > /etc/iptables.ipv4.nat”

Step 9. Now with our new rules safely saved somewhere we need to make this file be loaded back in on every reboot. The most simple way to handle this is to modify the rc.local file.

Run the following command to begin editing the file.

sudo nano /etc/rc.local

Step 10. Now we are in this file, we need to add the line below. Make sure this line appears above exit 0. This line basically reads the settings out of our iptables.ipv4.nat file and loads them into the iptables.

Find:

exit 0

Add Above:

iptables-restore < /etc/iptables.ipv4.nat

Now we can save and quit out of the file by pressing Ctrl+X then pressing Y and then Enter.

Step 11. Finally all we need to do is start our dnsmasq service. To do this, all you need to do is run the following command:

sudo service dnsmasq start

Step 12. Now you should finally have a fully operational Raspberry Pi WiFi Bridge, you can ensure this is working by plugging any device into its Ethernet port, the bridge should provide an internet connection to the device you plug it into.

To ensure everything will run smoothly, it’s best to try rebooting now. This will ensure that everything will successfully re-enable when the Raspberry Pi is started back up. Run the following command to reboot the Raspberry Pi:

sudo reboot

Step13. After Restart Add Port Forwarding Rule For IP You Assigned to Camera & Any device to access from your static ip.

#Roule For Port Forwarding

iptables -t nat -A PREROUTING -i wlan0 -p tcp — dport 8080 -j DNAT — to 192.168.220.121:8080

iptables -t nat -A POSTROUTING -p tcp -d 192.168.220.121 — dport 8080 -j MASQUERADE

iptables -t nat -A PREROUTING -i wlan0 -p tcp — dport 80 -j DNAT — to 192.168.220.123:80

iptables -t nat -A POSTROUTING -p tcp -d 192.168.220.121 — dport 80 -j MASQUERADE

sudo sh -c “iptables-save > /etc/iptables.ipv4.nat”