Bosse_B
Posts: 980
Joined: Thu Jan 30, 2014 9:53 am

Configuring RPi2 as proxy or router port forwarder?

Fri Feb 05, 2016 12:56 pm

Is it possible to do the following with an RPi2 running Raspbian Jessie?
Configuration
- RPi2 is connected to a regular Ethernet network in the office
- RPi2 is also connected to a WiFi access point using an EdiMax adapter

Task
Now I want to connect to TCP port 1001 (as example) on a device with IP 1.2.3.4 on the WiFi access point network. THis device does not have any Ethernet.
This is to be done from a computer on the Ethernet network who cannot connect to the WiFi network because it is too far away.
So can the RPi2 be configured as a proxy/router or similar between the two?

It is somewhat like my regular Internet router where I can set up "port forwarding" so that a remote computer anywhere on the Internet can access my router's external IP addres and the specified port number and in fact be forwarded to a computer (predefined in the router) on the inside office network.

I was thinking about creating a special program for this purpose when I realized that the task looks a lot like something that is already done on routers and therefore there might be functions available on Raspbian Linux just waiting to be used...
Bo Berglund
Sweden

mutley
Posts: 61
Joined: Sat Jan 02, 2016 8:06 pm

Re: Configuring RPi2 as proxy or router port forwarder?

Fri Feb 05, 2016 2:54 pm

Yes that can be done. There is no need to setup port forwarding though unless you want to run the PI as a firewall / hide each network from each other. If they are both trusted networks, look at the command "ip route", and the pi can forward all traffic for a particular IP rather than specific port for specific ip. It's a lot less CPU intensive and can be done without much setup. Google setting up a gateway. Here is an example.

http://unix.stackexchange.com/questions ... wo-subnets

Bosse_B
Posts: 980
Joined: Thu Jan 30, 2014 9:53 am

Re: Configuring RPi2 as proxy or router port forwarder?

Fri Feb 05, 2016 3:09 pm

The actual use case is this:
There is a device which can be remotely controlled via WiFi.
It has a WiFi Access Point built in to which one can connect.
After connection one can open a control connection on a TCP socket on port 1001.
The problem is that the device sits in a location far away from the development labs and cannot be moved there.
So in order to work on the communications code one has to move the development stuff over, which is a hassle.
Ethernet is available on the remote location though.

So I figured an RPi2 connected to the Ethernet and therefore accessible from the labs could be provided with an Edimax WiFi dongle and set up to autoconnect to the WiFi SSID on the device AP.
Now the Pi is dual homed and at this point I would like the Pi to implement a route from the Ethernet network over to the WiFi network it is connected to.
I thought of port forwarding from Ethernet to WiFi of a specific port number to the device IP (1.2.3.4) on its port number such that the developers could sit in their labs and do the coding while connected to the device network and port.

Is this scenario what the link you quoted will do?
Bo Berglund
Sweden

Bosse_B
Posts: 980
Joined: Thu Jan 30, 2014 9:53 am

Re: Configuring RPi2 as proxy or router port forwarder?

Fri Feb 05, 2016 6:51 pm

Bosse_B wrote: Is this scenario what the link you quoted will do?
No, it is not....
All routing hits I get for RPi on the net refer to using the RPi to bridge WiFi to Ethernet by setting up the Pi to act as an Access Point to which other units connect.
This is not the case here.
Here:
- The Pi connects to an Access Point running on another device
- The Pi is also connected to the wired Ethernet
- The Pi should act as a port forwarding unit towards the WiFi Access point, which has a control port we want to talk to

Example:
So on the Ethernet network, the Pi gets an address by DHCP as 192.168.13.47
On the WiFi network the Pi gets an address also by DHCP from the AP as 1.2.3.8 when it connects
On the WiFi network there is a TCP service running on 1.2.3.4:1001
Now I want the Pi to forward traffic to the port 192.168.13.47:1001 on the Ethernet side to 1.2.3.4:1001 on the WiFi side

This is the same scenario (almost) as a regular DSL router with a public IP address and internal private addresses where one can set up port forwarding by specifying the port number on the external interface and the IP address:port on the internal network. Then the router just "wires these two together" metaphorically speaking.
An Internet client connecting to the port on the Internet side will be in effect connecting to the internal device and port given by the router set-up.

I want to accomplish this very same function with the RPi but in this case the Pi is a DHCP client on both networks.
Can it be done (I think yes) and if so HOW?
By the way, did I post in the wrong forum? I have seen that there is also a networking forum....
Bo Berglund
Sweden

Bosse_B
Posts: 980
Joined: Thu Jan 30, 2014 9:53 am

Re: Configuring RPi2 as proxy or router port forwarder?

Sat Feb 06, 2016 4:18 pm

1) I asked a moderator to move this thread from the General discussion forum to Networking.
2) I can report that I implemented a solution that exists in the Pi itself and just needs activation!

This is what I did:
PiWiFi is a Pi which connects to the WiFi access point created by the device to control
PiUser is another Pi on the same wired network
WinUser is a Windows7 laptop connected to the wired network

So:
PiWiFi has two IP addresses, 192.168.0.152 on the wired network and 1.2.3.4 on WiFi
PiUser has IP address 192.168.0.161
WinUser has IP address 192.168.0.135
All have reserved DHCP addresses on my D-Link Internet router, so they are in effect static.

On the PiWiFi I have enabled ip forwarding this way:
Edit networking control file:

Code: Select all

sudo nano /etc/sysctl.conf

# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
Reboot the PiWiFi in order to start using the new configuration.

On the PiUser I have added a route to the routing table:

Code: Select all

sudo route add -net 1.2.3.0 netmask 255.255.255.0 gw 192.168.0.152 (IP of PiWiFi)
On the WinUser PC I open a command window "as Administrator" and enter this:

Code: Select all

route -4 -p ADD 10.0.0.0 MASK 255.255.255 192.168.0.152
Now I can ping the unit 1.2.3.1, which is the machine with the WiFi Access Point and connect to its TCP port 1001 from both PiUser and WinUser!
The only problem I see with this is that the PiUser routes are not persistent, on Windows there is a flag to make them persistent in the ADD command (-p) but I don't know of any such thing in Raspbian Jessie.

So all is there in the amazing Raspberry Pi to do this! :D
Bo Berglund
Sweden

Return to “Networking and servers”