wireless bridge turned router

Do you have a question? Post it now! No Registration Necessary

Translate This Thread From English to

Threaded View
Greetings to all you gurus,

I have a small wireless access point that i'm trying to configure to
work as a wireless router.The AP has 2 wireless NICs (eth2, eth3) and
a wired NIC (eth0).

I have a bridge daemon running on it, which makes it an access point
in the first place,linking all the available NICs. Under normal
circumstances, the AP is fed with data on the eth0 wired interface,
directly from the cable/dsl router.

What i'm trying to do is tweak the box in such a way that one of the 2
wireless interfaces(eth2) acts as the WAN side for the router(to be),
and the other two interfaces, the LAN sides of it.

I only need simple SNAT on it for now, that is, i want to be able to
connect to the outside from machines on the wired and remaining
wireless interface subnets.

  wireless ISP -- eth2(wireless) -> eth0(wired)    -- wired subnet
                                 -> eth1(wireless) -- wireless subnet

I am not interested in the routing table update aspects of the problem
(RIP) yet, as i hope those can be taken care of by adding
zebra(zebra.org) to the box, nor in the security aspects.

The router would have to have a static IP associated on the WAN side
and LAN IPs on the local subnet sides(eth3 + eth0). Currently the
bridge is transparent, no explicit IPs have been set on the various
interfaces. The setup would still have to act as an AP for the
remaining wireless interface. The box is running a 2.4.18 kernel on a
MIPS processor.

How do i go about doing this? Does the current setup allow for
iptables based SNAT?

Thank you for taking the time.

Re: wireless bridge turned router
Hi Pete,
Quoted text here. Click to load it

You probabaly just want this single line:
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE

Unless I severely misunderstood something, I can't see why it would be
any more complicated.


Damion de Soto - Software Engineer  email:     snipped-for-privacy@snapgear.com
We've slightly trimmed the long signature. Click to see the full one.

Site Timeline