Haverer
Posts: 25
Joined: Thu May 07, 2015 11:29 pm

Share wifi internet connection with ethernet port

Thu Jul 27, 2017 2:30 pm

Hi!
I have a pi2, connected via wifi to the internet. What I want to be able to do is plug an ethernet cable from my switch to the Pi ethernet port, and share the internet connection the Pi has with the rest of my network.
HOWEVER, I don't want anyone on the Pis wifi network to be able to reach machines on the ethernet port side... does that make sense, and is it doable? If so, how! ;-) I've read many articles on setting up the pi as a router, but they don't make clear that the two networks will not be able to interact, other than using the internet connection of the wifi router.
Thanks

User avatar
topguy
Posts: 6642
Joined: Tue Oct 09, 2012 11:46 am
Location: Trondheim, Norway

Re: Share wifi internet connection with ethernet port

Thu Jul 27, 2017 2:55 pm

Definitely doable. But maybe not so easy to find a guide specifically for it since most people *want* the two networks to interact.

If you first get it working as a router or as a network extender it might be easier for us to tell you what iptabels rules to add to block access to all addresses on the wifi part except the router.

Haverer
Posts: 25
Joined: Thu May 07, 2015 11:29 pm

Re: Share wifi internet connection with ethernet port

Mon Jul 31, 2017 6:17 pm

thanks very much for the reply. I'll get that up and running first and get back to you.
Whilst I do that, and on a related note, do you know if it's possible to specify which AP to connect to where there are multiple with the same SSID?
Thanks

User avatar
elkberry
Posts: 167
Joined: Wed Dec 28, 2016 9:21 pm

Re: Share wifi internet connection with ethernet port

Mon Jul 31, 2017 8:10 pm

Actually, what you want to achieve is a by-product when using NAT in the IPv4 world. You can't use bridging anyway, because you attach your Pi to your Wifi AP as a non-AP IEEE 802.11 station. That means (due to the restrictions in the IEEE 802.11 three MAC address model) that you need to NAT between your eth0 and wlan0. Eth0 is the downstream interface, wlan0 the upstream interface. Take one of the many PI NAT router recipes,using wlan0 for upstream towards the Internet, and eth0 downstream towards client IP hosts. As addresses on eth0 subnet need to be mapped to the single IPv4 address on wlan0, you won't be able to address any IPv4 address on the eth0 subnet from your WLAN.
From ZX81 to Raspberry Pi, but wait ... where's the 7805 gone?

Return to “Networking and servers”