[SOLVED]odroid-xu4 sharing internet to a router's wan

This forum is for supported devices using an ARMv7 Samsung SoC.

[SOLVED]odroid-xu4 sharing internet to a router's wan

Postby jbodhorn » Sun Jun 26, 2016 5:33 am

I've posted a bunch of configs at the bottom, if anything else is needed please let me know. The main things I've got installed and set up so far are: netctl, openresolv, vsftpd, samba file sharing, iptables(very basic atm due to the issues I'm having), apache/lamp, and dnsmasq for cache/dhcp services among other random apps/services.

I've got internet connection sharing on the odroid via dnsmasq/iptables, it's set up going from on-board ethernet to usb3 gigabit ethernet. Internet comes in through on-board ethernet device net0(eth0 is net0 via udev rule) and out through usb ethernet device net1(eth1 is net1 renamed via udev rule). The shared connection is quick and reliable, but I just cannot get internet connection sharing to work by connecting the shared connection to a router's wan port. Sharing to the router's lan port as a switch/AP barely works sometimes and it's not what I want anyway....

So, I've tried connecting this second router to the odroid's share internet as a switch/AP, turning on and off dhcp, manually and automatically assigning dns... but nothing works completely. I just cannot get it to work properly as a switch/AP and as I said it's not what I want anyway. For whatever reason only one device can connect to the router's wifi when it receives internet shared from the odroid to the router's lan instead of its wan port. Devices plugged into the other open lan ports of this second router get no internet access at all.... Connecting from the odroid's shared internet to second router's wan gives me nothing, no internet, and I usually can't even access this second router's web admin console....

ATM I have this second router plugged into a lan port on my ips's router/modem. I've added a route in the routing table of the isp's modem/router so I am able to plug from isp's modem/router lan port to wan of the second router. This works, both routers work....

Here is what I added in routing on my isp's modem/router to be able to plug from a lan port on my isp's modem/router to the wan port of the second router:
Code: Select all
destination 172.16.0.1
netmask 255.255.255.255
gateway 192.168.1.1
metric 2


The two routers work perfect, aside from the fact the none of my odroid's services are accessible from the second router... My reason for wanting to have the odroid in the middle of the two routers is because I want at the very least samba and ftp to work on both subnets

What in the world do I have to do do get internet from my isp's router(192.168.1.1/24) through the odroid and to the second router(172.16.0.1/24). I have a feeling I need to add a route like I did on my isp's modem/router to get the second router to work. I'm assuming I need to add a route from net0(internet in) to net1(ethernet sharing the internet) but I'm not sure how or at least not how to make it stick after a reboot... below I will post my configs

Code: Select all
/etc/udev/rules.d/10-network.rules


Code: Select all
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="00:1e:06:32:10:17", NAME="net0"
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="00:13:3b:8b:28:84", NAME="net1"


Code: Select all
/etc/netctl/net0


Code: Select all
Description='A basic dhcp ethernet connection'
Interface=net0
Connection=ethernet
IP=dhcp
DHCPClient=dhcpcd
#DHCPReleaseOnStop=no
## for DHCPv6
#IP6=dhcp
#DHCP6Client=dhclient
## for IPv6 autoconfiguration
#IP6=stateless


Code: Select all
/etc/netctl/net1


Code: Select all
Description='A basic static ethernet connection'
Interface=net1
Connection=ethernet
IP=static
Address=('172.16.0.1/24')
#Routes=('172.16.0.0/24 via 192.168.1.1')
#Gateway='192.168.1.1'
#DNS=('192.168.1.1')
ExcludeAuto=no
SkipNoCarrier=yes

## For IPv6 autoconfiguration
#IP6=stateless

## For IPv6 static address configuration
#IP6=static
#Address6=('1234:5678:9abc:def::1/64' '1234:3456::123/96')
#Routes6=('abcd::1234')
#Gateway6='1234:0:123::abcd'


Code: Select all
ip route show


Code: Select all
default via 192.168.1.1 dev net0  src 192.168.1.229  metric 202
172.16.0.0/24 dev net1  proto kernel  scope link  src 172.16.0.1
192.168.1.0/24 dev net0  proto kernel  scope link  src 192.168.1.229  metric 202


atm here are my iptables
Code: Select all
/etc/iptables/iptables.rules


Code: Select all
# Generated by iptables-save v1.6.0 on Sun Jun 19 23:51:55 2016
*filter
:INPUT ACCEPT [306:35418]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [199:17646]
-A FORWARD -i net1 -o net0 -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Sun Jun 19 23:51:55 2016
# Generated by iptables-save v1.6.0 on Sun Jun 19 23:51:55 2016
*nat
:PREROUTING ACCEPT [96:6253]
:INPUT ACCEPT [57:4381]
:OUTPUT ACCEPT [19:2095]
:POSTROUTING ACCEPT [4:677]
-A POSTROUTING -o net0 -j MASQUERADE
COMMIT
# Completed on Sun Jun 19 23:51:55 2016
# Generated by iptables-save v1.6.0 on Sun Jun 19 23:51:55 2016
*mangle
:PREROUTING ACCEPT [910:120931]
:INPUT ACCEPT [816:116427]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [570:51783]
:POSTROUTING ACCEPT [583:54290]
COMMIT
# Completed on Sun Jun 19 23:51:55 2016
# Generated by iptables-save v1.6.0 on Sun Jun 19 23:51:55 2016
*raw
:PREROUTING ACCEPT [1553:237859]
:OUTPUT ACCEPT [989:90577]
COMMIT
# Completed on Sun Jun 19 23:51:55 2016


Code: Select all
/etc/resolvconf.conf


Code: Select all
# Configuration for resolvconf(8)
# See resolvconf.conf(5) for details

resolv_conf=/etc/resolv.conf

# If you run a local name server, you should uncomment the below line and
# configure your subscribers configuration files below.
name_servers=127.0.0.1

# Write out dnsmasq extended configuration and resolv files
#dnsmasq_conf=/etc/dnsmasq-resolvconf.conf
dnsmasq_resolv=/etc/dnsmasq-resolv.conf


Code: Select all
/etc/resolv.conf


Code: Select all
# Generated by resolvconf
domain fios-router.home
nameserver 127.0.0.1


Code: Select all
/etc/dhcpcd.conf


Code: Select all
# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.

# Allow users of this group to interact with dhcpcd via the control socket.
controlgroup wheel

# Inform the DHCP server of our hostname for DDNS.
hostname

# Use the hardware address of the interface for the Client ID.
clientid
# or
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
# Some non-RFC compliant DHCP servers do not reply with this set.
# In this case, comment out duid and enable clientid above.
#duid

# Persist interface configuration when dhcpcd exits.
persistent

# Rapid commit support.
# Safe to enable by default because it requires the equivalent option set
# on the server to actually work.
option rapid_commit

# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
# Most distributions have NTP support.
option ntp_servers
# Respect the network MTU. This is applied to DHCP routes.
option interface_mtu

# A ServerID is required by RFC2131.
require dhcp_server_identifier

# Generate Stable Private IPv6 Addresses instead of hardware based ones
#slaac private
noipv4ll
#nohook resolv.conf
noarp
static domain_name_servers=68.237.161.12,71.250.0.12,192.168.1.1
noipv6rs
noipv6


Code: Select all
/etc/dnsmasq.conf


Code: Select all
#/etc/dnsmasq.conf
resolv-file=/etc/dnsmasq-resolv.conf
#conf-file=/etc/dnsmasq-resolvconf.conf
domain-needed
port=53
local=/xxxxxxxxxx.no-ip.org/
bogus-priv
domain=xxxxxxxxxx.no-ip.org
expand-hosts
server=68.237.161.12#(verizon fios dns servers)
server=71.250.0.12#(verizon fios dns servers)
listen-address=192.168.1.229#odroid reserver dhcp address in isp router
listen-address=127.0.0.1
listen-address=172.16.0.1#static assigned by netctl
interface=net1
interface=lo
no-dhcp-interface=net0
bind-interfaces
dhcp-range=172.16.0.2,172.16.0.100,12h
dhcp-authoritative
dhcp-leasefile=/var/lib/misc/dnsmasq.leases
cache-size=10000
log-queries
log-dhcp


I don't know what I'm supposed to have in /etc/dnsmasq-resolvconf.conf so that's why it's commented out. I'm posting post what it ends up as after
Code: Select all
 sudo resolvconf -u


Code: Select all
/etc/dnsmasq-resolvconf.conf


Code: Select all
# Generated by resolvconf

# Domain specific servers will be sent over dbus


So as you see, there is nothing really there....

Code: Select all
/etc/dnsmasq-resolv.conf


Code: Select all
# Generated by resolvconf
nameserver 68.237.161.12,71.250.0.12,192.168.1.1



Here's what I get when I check dnsmasq's status:

Code: Select all
[alarm@alarm etc]$ sudo systemctl status -l dnsmasq.service
* dnsmasq.service - A lightweight DHCP and caching DNS server
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2016-06-25 23:26:01 EDT; 1s ago
     Docs: man:dnsmasq(8)
  Process: 2517 ExecStartPre=/usr/bin/dnsmasq --test (code=exited, status=0/SUCCESS)
 Main PID: 2521 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           `-2521 /usr/bin/dnsmasq -k --enable-dbus --user=dnsmasq --pid-file

Jun 25 23:26:01 alarm dnsmasq[2521]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-L
Jun 25 23:26:01 alarm systemd[1]: Started A lightweight DHCP and caching DNS server.
Jun 25 23:26:01 alarm dnsmasq[2521]: DBus support enabled: connected to system bus
Jun 25 23:26:01 alarm dnsmasq-dhcp[2521]: DHCP, IP range 172.16.0.2 -- 172.16.0.100, lease time 12h
Jun 25 23:26:01 alarm dnsmasq-dhcp[2521]: DHCP, sockets bound exclusively to interface net1
Jun 25 23:26:01 alarm dnsmasq[2521]: using nameserver 71.250.0.12#53
Jun 25 23:26:01 alarm dnsmasq[2521]: using nameserver 68.237.161.12#53
Jun 25 23:26:01 alarm dnsmasq[2521]: using local addresses only for domain xxxxxxxxxx.no-ip.org
Jun 25 23:26:01 alarm dnsmasq[2521]: no servers found in /etc/dnsmasq-resolv.conf, will retry
Jun 25 23:26:01 alarm dnsmasq[2521]: read /etc/hosts - 2 addresses


notice the
Code: Select all
Jun 25 23:26:01 alarm dnsmasq[2521]: no servers found in /etc/dnsmasq-resolv.conf, will retry

I know for a fact there are servers listed there, just not as I would expect the format to be and maybe that's why it says none are there

When I manually edit this file:
Code: Select all
/etc/dnsmasq-resolv.conf

so it looks like as it is below, instead of what resolvconf.conf makes:

Code: Select all
# Generated by resolvconf
nameserver 68.237.161.12
nameserver 71.250.0.12


And I check dnsmasq's status...

Code: Select all
[alarm@alarm etc]$ sudo systemctl status -l dnsmasq.service
[sudo] password for alarm:
* dnsmasq.service - A lightweight DHCP and caching DNS server
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2016-06-25 20:31:39 EDT; 2h 54min ago
     Docs: man:dnsmasq(8)
  Process: 471 ExecStartPre=/usr/bin/dnsmasq --test (code=exited, status=0/SUCCESS)
 Main PID: 480 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           `-480 /usr/bin/dnsmasq -k --enable-dbus --user=dnsmasq --pid-file

Jun 25 22:03:47 alarm dnsmasq[480]: query[AAAA] alarm from 127.0.0.1
Jun 25 22:03:47 alarm dnsmasq[480]: config alarm is NODATA-IPv6
Jun 25 22:03:47 alarm dnsmasq[480]: query[A] alarm.fios-router.home from 127.0.0.1
Jun 25 22:03:47 alarm dnsmasq[480]: cached alarm.fios-router.home is NXDOMAIN
Jun 25 22:03:47 alarm dnsmasq[480]: query[AAAA] alarm.fios-router.home from 127.0.0.1
Jun 25 22:03:47 alarm dnsmasq[480]: cached alarm.fios-router.home is NXDOMAIN
Jun 25 22:03:47 alarm dnsmasq[480]: query[A] alarm from 127.0.0.1
Jun 25 22:03:47 alarm dnsmasq[480]: config alarm is NODATA-IPv4
Jun 25 22:03:47 alarm dnsmasq[480]: query[AAAA] alarm from 127.0.0.1
Jun 25 22:03:47 alarm dnsmasq[480]: config alarm is NODATA-IPv6


IT WORKS!!!!

When I reboot I'm back to this:

Code: Select all
/etc/dnsmasq-resolv.conf


Code: Select all
# Generated by resolvconf
nameserver 68.237.161.12,71.250.0.12,192.168.1.1


and this....

Code: Select all
[alarm@alarm etc]$ sudo systemctl status -l dnsmasq.service
* dnsmasq.service - A lightweight DHCP and caching DNS server
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2016-06-25 23:26:01 EDT; 1s ago
     Docs: man:dnsmasq(8)
  Process: 2517 ExecStartPre=/usr/bin/dnsmasq --test (code=exited, status=0/SUCCESS)
 Main PID: 2521 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           `-2521 /usr/bin/dnsmasq -k --enable-dbus --user=dnsmasq --pid-file

Jun 25 23:26:01 alarm dnsmasq[2521]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-L
Jun 25 23:26:01 alarm systemd[1]: Started A lightweight DHCP and caching DNS server.
Jun 25 23:26:01 alarm dnsmasq[2521]: DBus support enabled: connected to system bus
Jun 25 23:26:01 alarm dnsmasq-dhcp[2521]: DHCP, IP range 172.16.0.2 -- 172.16.0.100, lease time 12h
Jun 25 23:26:01 alarm dnsmasq-dhcp[2521]: DHCP, sockets bound exclusively to interface net1
Jun 25 23:26:01 alarm dnsmasq[2521]: using nameserver 71.250.0.12#53
Jun 25 23:26:01 alarm dnsmasq[2521]: using nameserver 68.237.161.12#53
Jun 25 23:26:01 alarm dnsmasq[2521]: using local addresses only for domain xxxxxxxxxx.no-ip.org
Jun 25 23:26:01 alarm dnsmasq[2521]: no servers found in /etc/dnsmasq-resolv.conf, will retry
Jun 25 23:26:01 alarm dnsmasq[2521]: read /etc/hosts - 2 addresses



I should add that when I was trying to plug the second router into the shared internet of the odroid I had my ip change by one number. In that case the second router's ip was set to 172.16.0.2

when I edit my
Code: Select all
/etc/dnsmasq.conf

and
Code: Select all
/etc/resolvconf.conf

and uncomment the following line
Code: Select all
dnsmasq_conf=/etc/dnsmasq-resolvconf.conf


it still looks exactly the same:
Code: Select all
# Generated by resolvconf

# Domain specific servers will be sent over dbus


and I still get the
Code: Select all
alarm dnsmasq[3778]: no servers found in /etc/dnsmasq-resolv.conf, will retry


even though that file shows three nameservers, all on one line with a "," between each... just like I posted above

Code: Select all
sudo systemctl status -l dnsmasq.service


Code: Select all
* dnsmasq.service - A lightweight DHCP and caching DNS server
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2016-06-26 00:47:41 EDT; 7s ago
     Docs: man:dnsmasq(8)
  Process: 3774 ExecStartPre=/usr/bin/dnsmasq --test (code=exited, status=0/SUCCESS)
 Main PID: 3778 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           `-3778 /usr/bin/dnsmasq -k --enable-dbus --user=dnsmasq --pid-file

Jun 26 00:47:41 alarm dnsmasq[3778]: started, version 2.76 cachesize 10000
Jun 26 00:47:41 alarm dnsmasq[3778]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-L
Jun 26 00:47:41 alarm dnsmasq[3778]: DBus support enabled: connected to system bus
Jun 26 00:47:41 alarm dnsmasq-dhcp[3778]: DHCP, IP range 172.16.0.2 -- 172.16.0.100, lease time 12h
Jun 26 00:47:41 alarm dnsmasq-dhcp[3778]: DHCP, sockets bound exclusively to interface net1
Jun 26 00:47:41 alarm dnsmasq[3778]: using nameserver 71.250.0.12#53
Jun 26 00:47:41 alarm dnsmasq[3778]: using nameserver 68.237.161.12#53
Jun 26 00:47:41 alarm dnsmasq[3778]: using local addresses only for domain xxxxxxxxxx.no-ip.org
Jun 26 00:47:41 alarm dnsmasq[3778]: no servers found in /etc/dnsmasq-resolv.conf, will retry
Jun 26 00:47:41 alarm dnsmasq[3778]: read /etc/hosts - 2 addresses


I most definitely can't have it so every time I reboot that I have to edit this:
Code: Select all
/etc/dnsmasq-resolv.conf


Code: Select all
# Generated by resolvconf
nameserver 68.237.161.12,71.250.0.12,192.168.1.1


so it looks like this:

Code: Select all
# Generated by resolvconf
nameserver 68.237.161.12
nameserver 71.250.0.12


Most importantly I really gotta get my odroid's shared internet connected to my second router's wan port. The devices plugged to the router's ethernet and connected by its wifi need access to my NAS. The whole point in buying the odroid was to upgrade from my RPi b+ not getting this working to me means it wasn't worth buying the odroid, much less all this headache....
Last edited by jbodhorn on Sun Sep 18, 2016 11:59 pm, edited 1 time in total.
jbodhorn
 
Posts: 41
Joined: Wed Dec 16, 2015 2:22 am

Re: odroid-xu4 sharing internet to a router's wan

Postby sdrider » Sat Jul 09, 2016 3:52 pm

If I understand correctly, you're trying to achieve something like this:

Internet --> ISP Modem & Router (network #1) --> odroid-xu4 --> 2nd router (network #2) --> devices that want to access internet and odroid services

You didn't explain the purpose of network segregation, especially considering you want the services on odroid-xu4 accessible from both, but for now I'll just assume you know what/why you're doing that since you bought an odroid and a USB network adapter specifically for that purpose. (if this is not what you're trying to achieve, you could greatly simplify your network architecture)

I'll further assume you don't want the network behind the 2nd router to access your ISP Router network, so are perhaps using the 2nd network as a DMZ/isolation network, which would imply your goal is to ONLY allow the 2nd network to reach the internet, not to fully bridge network #1 and network #2. (again if this is not true, there are other options to simplify your network architecture)

So first things first. Forget dnsmasq and resolv.conf for now. It has nothing to do with your routing. Its only purpose is to hand out DHCP addresses (if you intend to use it as such) and to cache DNS, and/or possibly serve up local DNS. But you're not even to the point of worrying about DNS, you need to get basic IP routing working first.

So first thing is to verify you have the internet working on the odroid, so you aren't troubleshooting an ISP cable modem issue. So you should ping a public server from the odroid (such as 8.8.8.8) and make sure that's working first.

To avoid having to monkey with dnsmasq for now, you should just set a static IP address on router #2. You've defined odroid's net1 interface IP address as 172.16.0.1. So maybe statically set router #2 to 172.16.0.2.

Then your next step is to verify routing to the odroid. You should be able to ping it from behind network #2, such as "ping 172.16.0.1". Your firewalls are wide open so this should work.

At this point, if all is well, you've verified internet connectivity out net0 and you've verified connectivity from devices on 172.* to your odroid, so both networks and interfaces are working and all you have to do is configure your networks however you like on the odroid.

Reviewing your iptables, your FORWARD rules appear correct: you have the required MASQUERADE on POSTROUTING. And your FORWARD table is wide open (you might want to lock this down later otherwise network2 will be able to talk to network1). The only thing I don't see is enabling forwarding in the kernel - it's off by default. Run "sysctl -a | grep forwarding" to check.

You can use systemd networking to enable this on your interfaces, just add 'IPForward=yes' to your network config for interfaces you want to enable forwarding on.

Finally, repeat the same simple ping test from a device on network two - this avoids any issues with dnsmasq or DNS resolving. You should be able to ping 8.8.8.8 and it should work if your routing and NATs are configured correctly.

If at any step along the way you aren't seeing what you expect, you can use tcpdump to watch the raw packets on your interfaces. Note tcpdump sees the packets before ipfilters so it won't help you troubleshoot filter problems, but this is actually great because it allows you to verify what's actually on the interfaces in question. Once you know the packets are making it to your odroid, you can add log statements to ipfilters to do any further troubleshooting of your ipfilter rules.
sdrider
 
Posts: 29
Joined: Sat Aug 10, 2013 3:56 am

Re: odroid-xu4 sharing internet to a router's wan

Postby nayr1991 » Sat Aug 27, 2016 12:32 pm

It sounds to me like your ISP router doesn't have a route for the subnets behind your second router, so while traffic going TO your odroid from your second router works, the ISP router doesn't have a route BACK to these subnets.

You'll just need to add a new route and set the gateway for that route as the WAN IP of your second router.
nayr1991
 
Posts: 2
Joined: Sat Aug 27, 2016 11:13 am

Re: odroid-xu4 sharing internet to a router's wan

Postby jbodhorn » Sun Sep 18, 2016 11:58 pm

After lots of moments of my brain hurting from thinking too hard I finally got my Odroid-xu4 to share it's internet connection to a router. I don't know what it was that I changed that made it work, but here's what's working for me:

Code: Select all
/etc/udev/rules.d/10-network.rules


Code: Select all
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="00:1e:06:32:10:17", NAME="net0"
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="00:13:3b:8b:28:84", NAME="net1"


Code: Select all
ip route show


Code: Select all
default via 192.168.1.1 dev net0  src 192.168.1.229  metric 202
192.168.0.0/24 dev net1  proto kernel  scope link  src 192.168.0.1
192.168.1.0/24 dev net0  proto kernel  scope link  src 192.168.1.229  metric 202


Code: Select all
/etc/dhcpcd.conf


Code: Select all
# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.

# Allow users of this group to interact with dhcpcd via the control socket.
controlgroup wheel

# Inform the DHCP server of our hostname for DDNS.
hostname

# Use the hardware address of the interface for the Client ID.
clientid
# or
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
# Some non-RFC compliant DHCP servers do not reply with this set.
# In this case, comment out duid and enable clientid above.
#duid

# Persist interface configuration when dhcpcd exits.
persistent

# Rapid commit support.
# Safe to enable by default because it requires the equivalent option set
# on the server to actually work.
option rapid_commit

# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
# Most distributions have NTP support.
option ntp_servers
# Respect the network MTU. This is applied to DHCP routes.
option interface_mtu

# A ServerID is required by RFC2131.
require dhcp_server_identifier

# Generate Stable Private IPv6 Addresses instead of hardware based ones
#slaac private
noipv4ll
nohook resolv.conf
noarp
#static domain_name_servers=68.237.161.12,71.250.0.12,192.168.1.1
noipv6rs
noipv6


Code: Select all
#/etc/dnsmasq.conf


Code: Select all
#resolv-file=/etc/dnsmasq-resolv.conf
no-resolv
no-poll
addn-hosts=/etc/dnsmasq_static_hosts.conf
#conf-file=/etc/dnsmasq-resolvconf.conf
no-hosts
domain-needed
address=/doubleclick.net/127.0.0.1
port=53
local=/local.lan/
bogus-priv
domain=odroid-xu4.no-ip.org
expand-hosts
server=68.237.161.12
server=71.250.0.12
listen-address=127.0.0.1
listen-address=192.168.0.1
listen-address=192.168.1.229
interface=net1
interface=lo
no-dhcp-interface=net0
bind-interfaces
dhcp-range=192.168.0.11,192.168.0.25,12h
dhcp-host=00:1f:90:50:17:69,192.168.0.10
dhcp-option=option:router,192.168.0.1
dhcp-option=option:ntp-server,192.168.0.5
dhcp-option=19,0 # ip-forwarding off
dhcp-option=44,192.168.0.5 # set netbios-over-TCP/IP aka WINS
dhcp-option=45,192.168.0.5 # netbios datagram distribution server
dhcp-option=46,8           # netbios node type
dhcp-authoritative
dhcp-leasefile=/var/lib/misc/dnsmasq.leases
cache-size=10000
log-queries=extra
log-dhcp
log-facility=/var/log/dnsmasq.log
user=dnsmasq
group=dnsmasq
pid-file=/var/run/dnsmasq.pid
all-servers



Code: Select all
/etc/netctl/net0


Code: Select all
Description='A basic dhcp ethernet connection'
Interface=net0
Connection=ethernet
IP=dhcp
DHCPClient=dhcpcd
#DHCPReleaseOnStop=no
## for DHCPv6
#IP6=dhcp
#DHCP6Client=dhclient
## for IPv6 autoconfiguration
#IP6=stateless


Code: Select all
/etc/netctl/net1


Code: Select all
Description='A basic static ethernet connection'
Interface=net1
Connection=ethernet
IP=static
Address=('192.168.0.1/24')
#Routes=('192.168.0.1/24 via 192.168.1.1')
#Gateway='192.168.1.1'
#DNS=('127.0.0.1')
ExcludeAuto=no
SkipNoCarrier=yes

## For IPv6 autoconfiguration
#IP6=stateless

## For IPv6 static address configuration
#IP6=static
#Address6=('1234:5678:9abc:def::1/64' '1234:3456::123/96')
#Routes6=('abcd::1234')
#Gateway6='1234:0:123::abcd'


Code: Select all
/etc/resolvconf.conf


Code: Select all
# Configuration for resolvconf(8)
# See resolvconf.conf(5) for details

resolv_conf=/etc/resolv.conf
# If you run a local name server, you should uncomment the below line and
# configure your subscribers configuration files below.
name_servers=127.0.0.1

# Write out dnsmasq extended configuration and resolv files
#dnsmasq_conf=/etc/dnsmasq-resolvconf.conf
dnsmasq_resolv=/etc/dnsmasq-resolv.conf



Code: Select all
/etc/resolv.conf


Code: Select all
# Generated by resolvconf
nameserver 127.0.0.1


Code: Select all
/etc/dnsmasq_static_hosts.conf
192.168.0.10    Wireless_Broadband_Router *


Code: Select all
/etc/hosts


Code: Select all
#
# /etc/hosts: static lookup table for host names
#

#<ip-address>   <hostname.domain.org>   <hostname>
127.0.0.1       localhost.localdomain   localhost
::1             localhost.localdomain   localhost


# End of file


Code: Select all
/etc/iptables/iptables.rules


Code: Select all
# Generated by iptables-save v1.6.0 on Tue Jul  5 21:35:37 2016
*raw
:PREROUTING ACCEPT [12821478:44461877472]
:OUTPUT ACCEPT [7119537:24076684137]
COMMIT
# Completed on Tue Jul  5 21:35:37 2016
# Generated by iptables-save v1.6.0 on Tue Jul  5 21:35:37 2016
*mangle
:PREROUTING ACCEPT [12821478:44461877472]
:INPUT ACCEPT [12775807:44459539161]
:FORWARD ACCEPT [217:61479]
:OUTPUT ACCEPT [7119537:24076684137]
:POSTROUTING ACCEPT [7124142:24077463056]
COMMIT
# Completed on Tue Jul  5 21:35:37 2016
# Generated by iptables-save v1.6.0 on Tue Jul  5 21:35:37 2016
*nat
:PREROUTING ACCEPT [61852:4576410]
:INPUT ACCEPT [16386:2298934]
:OUTPUT ACCEPT [3602:499700]
:POSTROUTING ACCEPT [801:100392]
-A POSTROUTING -o net0 -j MASQUERADE
COMMIT
# Completed on Tue Jul  5 21:35:37 2016
# Generated by iptables-save v1.6.0 on Tue Jul  5 21:35:37 2016
*filter
:INPUT ACCEPT [104:25867]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [40:3655]
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A FORWARD -i net1 -o net0 -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Tue Jul  5 21:35:37 2016


If anyone attempts to do what I did and it's not working I sadly doubt I'd be able to help(that doesn't mean don't ask, of course I'd try to help), I honestly don't know why it's working now and it wasn't before. I definitely made some changes but I'm not sure which changes made my odroid go from only able to share it's internet to another computer to being able to share it's internet to a router

I still have a lot of work ahead to lock this mini server down and make it more secure and user friendly, but I'm quite happy with what I have so far. I'm using my Odroid as a samba server, ftp, and webserver. Samba shares are accessible from both the network providing internet to the Odroid and the network the Odroid is providing internet to. Atm I can't access Samba shares by name from the network the Odroid is providing internet to but I can access them by ip, so
Code: Select all
\\alarm\share
isn't working when connected to the router the Odroid is providing internet to, but
Code: Select all
\\192.168.0.1\share
is working. I can access Samba shares by name when connected to the network the providing internet to the Odroid
jbodhorn
 
Posts: 41
Joined: Wed Dec 16, 2015 2:22 am


Return to Samsung

Who is online

Users browsing this forum: No registered users and 2 guests