Page 1 of 1

Share wifi internet connection with ethernet port

Posted: Thu Jul 27, 2017 2:30 pm
by Haverer
Hi!
I have a pi2, connected via wifi to the internet. What I want to be able to do is plug an ethernet cable from my switch to the Pi ethernet port, and share the internet connection the Pi has with the rest of my network.
HOWEVER, I don't want anyone on the Pis wifi network to be able to reach machines on the ethernet port side... does that make sense, and is it doable? If so, how! ;-) I've read many articles on setting up the pi as a router, but they don't make clear that the two networks will not be able to interact, other than using the internet connection of the wifi router.
Thanks

Re: Share wifi internet connection with ethernet port

Posted: Thu Jul 27, 2017 2:55 pm
by topguy
Definitely doable. But maybe not so easy to find a guide specifically for it since most people *want* the two networks to interact.

If you first get it working as a router or as a network extender it might be easier for us to tell you what iptabels rules to add to block access to all addresses on the wifi part except the router.

Re: Share wifi internet connection with ethernet port

Posted: Mon Jul 31, 2017 6:17 pm
by Haverer
thanks very much for the reply. I'll get that up and running first and get back to you.
Whilst I do that, and on a related note, do you know if it's possible to specify which AP to connect to where there are multiple with the same SSID?
Thanks

Re: Share wifi internet connection with ethernet port

Posted: Mon Jul 31, 2017 8:10 pm
by elkberry
Actually, what you want to achieve is a by-product when using NAT in the IPv4 world. You can't use bridging anyway, because you attach your Pi to your Wifi AP as a non-AP IEEE 802.11 station. That means (due to the restrictions in the IEEE 802.11 three MAC address model) that you need to NAT between your eth0 and wlan0. Eth0 is the downstream interface, wlan0 the upstream interface. Take one of the many PI NAT router recipes,using wlan0 for upstream towards the Internet, and eth0 downstream towards client IP hosts. As addresses on eth0 subnet need to be mapped to the single IPv4 address on wlan0, you won't be able to address any IPv4 address on the eth0 subnet from your WLAN.