(Created page with "An exit node is like a relay node but with a connection out to the Internet. Exit nodes are run by sudo mesh and have the sudo mesh organization listed as...")
= NATed internet access =
Create the script /etc/init.d/meshnat containing the following:
<pre>
#!/bin/sh
# NAT traffic from the mesh out through the public interface.

PUBIF="eth0"   # public, Internet-facing interface
BATIF="bat0"   # mesh interface

case "$1" in
  start)
    echo "Starting mesh NAT"
    echo 1 > /proc/sys/net/ipv4/ip_forward
    # Masquerade everything leaving via the public interface
    iptables -t nat -A POSTROUTING -o "$PUBIF" -j MASQUERADE
    # Allow replies to connections opened from the mesh.
    # The rule target was cut off in the source; ACCEPT is assumed.
    iptables -A FORWARD -i "$PUBIF" -o "$BATIF" -m state --state RELATED,ESTABLISHED -j ACCEPT
    # Drop any other traffic from the public interface into the mesh
    iptables -A FORWARD -i "$PUBIF" -o "$BATIF" -j DROP
    ;;
  stop)
    echo "Stopping mesh NAT"
    echo 0 > /proc/sys/net/ipv4/ip_forward
    # Flushes every rule in these chains, not only the ones added above
    iptables -F FORWARD
    iptables -t nat -F POSTROUTING
    ;;
  *)
    echo "Usage: $0 start|stop" >&2
    exit 3
    ;;
esac
</pre>
Make it executable:
 chmod 755 /etc/init.d/meshnat
Now modify the tunneldigger broker session.up hook script to start the meshnat script. Change the section:
 if [ `cat /sys/class/net/bat0/operstate` != "up" ]; then
   ifup bat0
 fi
To:
 if [ `cat /sys/class/net/bat0/operstate` != "up" ]; then
   ifup bat0 && /etc/init.d/meshnat start
 fi
Now NAT should be set up correctly.
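To confirm the result, the following added example (not part of the original page or sudo mesh's own scripts) audits iptables-save output for the three rules the meshnat script installs, including their order and any duplicates left by running start twice, since the script appends with -A. The function names audit_meshnat and sample_save are hypothetical, and the sample rule listings are constructed.

```sh
#!/bin/sh
# Added example, not from the wiki page: audit iptables-save output for the
# rules "meshnat start" installs. Function names here are hypothetical.
PUBIF="eth0"
BATIF="bat0"

# Reads iptables-save text on stdin, prints findings, returns 0 only if clean.
audit_meshnat() {
    awk -v pub="$PUBIF" -v bat="$BATIF" '
    /^\*/ { table = substr($0, 2); next }
    $1 != "-A" { next }
    { line = $0 " " }
    table == "nat" && $2 == "POSTROUTING" && index(line, "-o " pub " ") &&
        /-j MASQUERADE/ { masq++ }
    table == "filter" && $2 == "FORWARD" && index(line, "-i " pub " ") &&
        index(line, "-o " bat " ") {
        pos++
        if (/RELATED,ESTABLISHED/ && /-j ACCEPT/) { acc++; if (!first_acc) first_acc = pos }
        else if (/-j DROP/) { drop++; if (!first_drop) first_drop = pos }
    }
    END {
        if (!masq) { print "MISSING: MASQUERADE on " pub; bad = 1 }
        if (!acc)  { print "MISSING: RELATED,ESTABLISHED accept " pub "->" bat; bad = 1 }
        if (!drop) { print "MISSING: DROP " pub "->" bat; bad = 1 }
        if (acc && drop && first_drop < first_acc) { print "ORDER: DROP precedes the accept rule"; bad = 1 }
        if (masq > 1 || acc > 1 || drop > 1) { print "DUPLICATE: rule present more than once"; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample: iptables-save output after "meshnat start" ran $1 times.
sample_save() {
    n=$1; i=0
    echo "*nat"
    while [ "$i" -lt "$n" ]; do echo "-A POSTROUTING -o $PUBIF -j MASQUERADE"; i=$((i + 1)); done
    echo "COMMIT"; echo "*filter"; echo ":FORWARD ACCEPT [0:0]"; i=0
    while [ "$i" -lt "$n" ]; do
        echo "-A FORWARD -i $PUBIF -o $BATIF -m state --state RELATED,ESTABLISHED -j ACCEPT"
        echo "-A FORWARD -i $PUBIF -o $BATIF -j DROP"
        i=$((i + 1))
    done
    echo "COMMIT"
}

sample_save 1 | audit_meshnat && echo "one start: clean"
sample_save 2 | audit_meshnat || echo "two starts: see findings above"
```

On the exit node itself, feed it the live ruleset as root with iptables-save | audit_meshnat.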
= Setting up DNS =
 sudo aptitude install dnsmasq
Ensure that you have one or more domain name server IPs in /etc/resolv.conf.

Make sure that ENABLED=1 is set in /etc/default/dnsmasq.

Restart dnsmasq if you changed anything:
 sudo /etc/init.d/dnsmasq restart
= Fake captive portal =
TODO write this section