Recently, I was asked to create a Linux based WI-fi access point using the new Raspberry Pi 2 Model B. This project had a .. happy ending, thanks to the numerous bloggers of the π community. Here, there and there just to mention a few.
What I wish to keep as a reference to this blog post is the iptables setup that allowed the device to forward IP v4 traffic between the Ethernet and the Wi-fi ports.
To get started create a file like /etc/iptables.ip-v4.nat containing the following:
# Generated by iptables-save v1.4.14 on Mon Mar 23 18:48:53 2015 *filter :INPUT ACCEPT [121:10892] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [5:800] -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i wlan0 -o eth0 -j ACCEPT COMMIT # Completed on Mon Mar 23 18:48:53 2015 # Generated by iptables-save v1.4.14 on Mon Mar 23 18:48:53 2015 *nat :PREROUTING ACCEPT [96:7931] :INPUT ACCEPT [20:2899] :OUTPUT ACCEPT [2:224] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Mon Mar 23 18:48:53 2015
Next, edit /etc/network/interfaces and place the following after the wi-fi setup at the very end:
# Configure firewall to allow traffic between wlan0 and eth0 up iptables-restore < /etc/iptables.ip-v4.nat
