
Pi3 Current Setup (2020)

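# dhcpd.conf: DHCP scope for the Pi's 192.168.11.0/24 network.
subnet 192.168.11.0 netmask 255.255.255.0 {
    # Lease pool. The page gave the end of the range as 192.168.101.30, which is
    # outside this /24; dhcpd refuses a range that is not on the declared subnet,
    # so it is written here as 192.168.11.30 -- confirm against the running config.
    range 192.168.11.20 192.168.11.30;
    option broadcast-address 192.168.11.255;
    option routers 192.168.11.1;
    # Leases last 10 minutes by default and at most 2 hours.
    default-lease-time 600;
    max-lease-time 7200;
    # Plain ASCII quotes and a closing semicolon are required here.
    option domain-name "local";
    # Clients are handed public resolvers directly, so their lookups follow
    # whatever route the forwarding rules give them. If DNS is meant to stay
    # inside the VPN, check that it actually leaves through the tunnel.
    option domain-name-servers 8.8.8.8, 8.8.4.4;
}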
# Tells the hostapd service which configuration file to load (this setting
# normally lives in /etc/default/hostapd -- confirm for your release).
# hostapd.conf usually holds the Wi-Fi passphrase in clear text, so keep that
# file readable by root only.
DAEMON_CONF=/etc/hostapd/hostapd.conf
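# smb.conf share definition for the NAS directory.
[NAS]
comment = NAS Storage
path = /home/pi/NAS
# Only members of the Unix group "users" may connect to this share.
valid users = @users
# Files written through the share are owned by group "users".
force group = users
# New files: read/write for owner and group, nothing for others.
create mask = 0660
# New directories: full access for owner and group. The trailing 1 still lets
# every other local account traverse them; 0770 closes that if it is not needed.
directory mask = 0771
# smb.conf has no trailing comments: anything after the value becomes part of
# the value. The reminder that followed "no" on this line is therefore moved
# to its own line below, leaving a valid boolean.
read only = no

# restart the samba server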
sudo /etc/init.d/samba restart
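Create a user (or several) to access the NAS if needed.
Example: useradd NAS -m -G users
passwd NAS
Note: Samba keeps its own password database, so the account also needs a Samba password (smbpasswd -a NAS) before it can open the share.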
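# NAT, forwarding and VPN rules for the Pi.
# The page lost the double dashes, quotes and redirect during extraction
# (--state, --dport, --comment "...", >); they are restored below.
# Everything here changes only the running kernel state: neither the rules nor
# ip_forward survive a reboot unless they are saved separately (for example
# iptables-save output restored at boot, and net.ipv4.ip_forward=1 in
# /etc/sysctl.conf).

# Show the current nat-table rules.
sudo iptables -t nat -S

# Access point -> upstream: forward wlan0 clients out through eth0, and let
# back in only replies to connections they opened.
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
# The page lists the next rule a second time with the -i flag missing, which
# iptables would reject; one correct copy is enough.
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Enable IPv4 routing. The redirect has to run inside the root shell, hence sh -c.
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

# VPN gateway: NAT whatever leaves through any tun interface.
# NOTE(review): from here on eth0 is treated as the LAN side, while the rules
# above treat wlan0 as the LAN and eth0 as upstream -- confirm which interface
# is which before applying both sets together.
sudo iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o tun+ -m comment --comment "LAN out to VPN" -j ACCEPT
sudo iptables -A FORWARD -i tun+ -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT

# Traffic the Pi itself may send outside the tunnel: DNS, DHCP, NTP and the
# OpenVPN transport on udp/1198.
# NOTE(review): ACCEPT rules restrict nothing by themselves. They act as an
# allow-list (VPN kill switch) only if the chain policy is DROP, and no -P
# line is shown on this page -- check `sudo iptables -S` for the policies.
sudo iptables -A OUTPUT -o eth0 -p udp --dport 53 -m comment --comment "dns" -j ACCEPT
sudo iptables -A OUTPUT -p UDP --dport 67:68 -m comment --comment "dhcp" -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p udp --dport 123 -m comment --comment "ntp" -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p udp --dport 1198 -m comment --comment "openvpn" -j ACCEPT
sudo iptables -I OUTPUT -o tun+ -m comment --comment "Out to VPN" -j ACCEPT
# Accepts every packet arriving on eth0, including connections to the Samba
# share. That is only appropriate if eth0 faces a trusted network.
sudo iptables -I INPUT -i eth0 -m comment --comment "In from LAN" -j ACCEPT
# Loopback must stay open for local services.
sudo iptables -A OUTPUT -o lo -m comment --comment "loopback" -j ACCEPT
sudo iptables -A INPUT -i lo -m comment --comment "loopback" -j ACCEPT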