Raspberry Pi 3 CentOS 7 ARM 無線基地台 AP 與 IP 分享器
![Raspberry Pi](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2016/03/d57ba63d9439524dd028208b2d4a6332.png?fit=450%2C236&ssl=1)
本文將詳細說明如何使用「樹莓派 3」基於 CentOS 7 ARM 來建置無線基地台 AP 與 IP 分享器。完成 AP 功能後,任何裝置即可透過這種方式來無線操控「樹莓派 3」,進而延伸無限的可能。
無線網路卡設置
查看目前所有驅動的網路裝置,必須要有 wlan0 這個無線裝置,並先複製 MAC(等下會用到):
無顯示 wlan0 請先驅動「樹莓派3」的 wifi(可參考樹莓派 3(Raspberry Pi 3) CentOS 7 ARM 安裝與配置)
ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether b8:27:eb:04:29:8a brd ff:ff:ff:ff:ff:ff
inet 192.168.0.156/24 brd 192.168.0.255 scope global dynamic eth0
valid_lft 4855sec preferred_lft 4855sec
inet6 fe80::ba27:ebff:fe04:298a/64 scope link
valid_lft forever preferred_lft forever
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 82:76:52:57:46:6a brd ff:ff:ff:ff:ff:ff
查看目前連結的裝置,僅有 eth0 這個有線網路裝置:
nmcli connection show
NAME UUID TYPE DEVICE
eth0 a5ae9a6c-3951-4e8a-b99d-a4ea5dc33bf1 802-3-ethernet eth0
新增無線裝置:
nmtui
使用 PieTTY 連結如畫面呈現跑版,請依下圖步驟設置
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/fb826c50a7fc77e86690b38141e488db.png?resize=715%2C524&ssl=1)
點選 [選項(O)] > [亞洲語系修正(C)] > [Unicode亞洲寬符號字元],取消勾選。
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/09d0275c75a9de93777497f9a59c8037.png?resize=715%2C524&ssl=1)
退出再重新執行進入即可:
nmtui
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/fcc3f4129366a62ddcc2429850c8b396.png?resize=715%2C524&ssl=1)
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/c721b2bfa9d90a5699b686e0e5ab60c8.png?resize=811%2C524&ssl=1)
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/785d946609a17a8718e42e9914bb3a18.png?resize=811%2C524&ssl=1)
設定裝置連結資訊:
如要在連結裝置時驗證密碼,請設置 [安全] 並選擇加密方式
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/0b2021cf18218090e81995b529bf8886.png?resize=811%2C668&ssl=1)
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/c04bf9c7da58fc1168c6c0d0a66e5270.png?resize=811%2C668&ssl=1)
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/601af4655a78a6a09f590d7da057e3d9.png?resize=811%2C668&ssl=1)
查看 wlan0 裝置已設定 IP 資訊:
ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether b8:27:eb:04:29:8a brd ff:ff:ff:ff:ff:ff
inet 192.168.0.156/24 brd 192.168.0.255 scope global dynamic eth0
valid_lft 6902sec preferred_lft 6902sec
inet6 fe80::ba27:ebff:fe04:298a/64 scope link
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 82:76:52:57:46:6a brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global wlan0
valid_lft forever preferred_lft forever
inet6 fe80::f478:85b4:2f0c:5ebd/64 scope link
valid_lft forever preferred_lft forever
查看目前連結的裝置,多了剛新增的 wlan0:
nmcli connection show
NAME UUID TYPE DEVICE
eth0 a5ae9a6c-3951-4e8a-b99d-a4ea5dc33bf1 802-3-ethernet eth0
wlan0 834deb9d-b101-41aa-b7ff-e8b2389ccf4c 802-11-wireless wlan0
DHCP Server
要讓 AP 能夠自動派發 IP,必須使用 DHCP Server 的功能,先安裝 DHCP Server 套件:
yum install dhcp
預設有提供一份範例供參考,位置如下:
cat /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example
設置設定檔:
vi /etc/dhcp/dhcpd.conf
# 不要更新 DDNS 設定
ddns-update-style none;
# 忽略 Client DNS 更新功能
ignore client-updates;
# 預設租約 3 天
default-lease-time 259200;
# 最大租約 6 天
max-lease-time 518400;
# 預設路由(就是無線網卡的 id)
option routers 192.168.1.1;
# 設定領域名稱
option domain-name "RPi3-Centos7-ARM";
# DNS 設定(可使用“,”設定多組)
option domain-name-servers 168.95.1.1, 8.8.8.8;
# 動態分配的 IP
subnet 192.168.1.0 netmask 255.255.255.0 {
# 分配的 IP 範圍
range 192.168.1.10 192.168.1.20;
}
設定 DHCP 作用在哪個裝置上(CentOS 7 無須設定了):
vi /etc/sysconfig/dhcpd
DHCPDARGS="wlan0";
立即啟動並開機自動啟用:
systemctl start dhcpd
systemctl enable dhcpd
封包轉發 Router 與 NAT
查看目前網路裝置 firewalld zone 都在 public:
firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0 wlan0
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:
將內部使用的無線網卡 wlan0 的 firewalld zone 變更為 trusted,變更後必須重新載入:
文件說明
firewall-cmd
指令的 zone interface
設定,即使加了參數 --permanent
也不會被儲存,必須自行在裝置檔新增nmcli connection modify wlan0 connection.zone trusted
nmcli connection up wlan0
連線已成功啟用(D-Bus 啟用路徑:/org/freedesktop/NetworkManager/ActiveConnection/2)
確認 wlan0 是否已在 trusted 區域:
firewall-cmd --info-zone=trusted
trusted (active)
target: ACCEPT
icmp-block-inversion: no
interfaces: wlan0
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:
啟用 zone public 的 NAT,也就是 masquerade(偽裝)功能,變更後必須重新載入:
firewall-cmd --zone=public --add-masquerade --permanent
success
firewall-cmd --reload
success
確認設定是否生效:
firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: yes
forward-ports:
sourceports:
icmp-blocks:
rich rules:
連結測試
使用 wifi 連結至剛建立的 SSID 名稱 RPi3-AP,已自動取得 DHCP 派發的 IP 與相關設定。
![](https://i0.wp.com/footmark.com.tw/wp-content/uploads/2019/11/a32151c962544f790d405382f8cdda7b.png?resize=376%2C413&ssl=1)
參考
- 2.3. 使用 NetworkManager 命令行工具 nmcli Red Hat Enterprise Linux 7 | Red Hat Customer Portal
- 16.4. Configuring a Multihomed DHCP Server Red Hat Enterprise Linux 6 | Red Hat Customer Portal
- 鳥哥的 Linux 私房菜 -- DHCP 伺服器
- 树莓派3 安装CentOS 7 及连接WiFi - 文质彬彬90的个人空间 - OSCHINA
- 小懶蟲的blog~: [CentOS 7] 防火牆設定
- RHEL7: How to get started with Firewalld. - CertDepot
![創用 CC 授權條款](https://i.creativecommons.org/l/by-sa/3.0/tw/88x31.png)
本著作係採用創用 CC 姓名標示-相同方式分享 3.0 台灣 授權條款授權.