Raspberry Pi route WiFi through Ethernet | Details

First you have to download and write the Rasbian image to an SD card, i recommend to download the Raspbian Lite but if you want to connect to a WiFi with captive portal (like a hotel WiFi) you can download the Desktop version. THIS PROJECT IS DONE ON RASPBIAN JESSIE LITE

You can download the image you prefer from official Raspberry Pi site:

https://www.raspberrypi.org/downloads/raspbian/

Ones you download the image you can follow the instructions to write the img to your SD card:

https://www.raspberrypi.org/documentation/installation/installing-images/README.md

Tip for those who want a full headless build so you dont want to have a keyboard or monitor:

After you write the image you should see a boot partition on My Computer

so to automatically your Pi connect to your WiFi network you have to make a new file named "wpa_supplicant.conf" with (Notepad++ or similar program) and put the following code inside and change it to your needs :

country="Your country 2 letter code here" (eg. GR,US)
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
    ssid="YOURSSID"
    psk="YOURPASS"
    key_mgmt=WPA-PSK
}

Like this:

More info here : https://www.raspberrypi.org/documentation/configuration/wireless/wireless-cli.md

Also to enable ssh headless you need to create a blank file called "ssh" also in the boot partition (name it just ssh, maybe ssh.txt works i dont know leave a comment if it does) if you dont have show hidden files enabled you can create it with cmd :

Run cmd and type this command "echo>D:/ssh" (replace the D:/ with your SD path for me is D:/)

Now you are ready to power on your Pi. Just insert the SD card you just prepared and give it power. Give Pi 30-40 seconds to boot up you can connect through your favorite SSH program i use Putty, and type at Hostname filed "raspberrypi.local" and click Open.

If you get this error:

you dont have Apple Bonjour installed so you can either download it or you have to find the Pi IP manually. So you can login to your router and go to Connected Devices or ARP table and find the IP or you can use a Network Scan tool (like Angry IP Scanner).

Now that you have the IP of the Raspberry you can connect and start the installation of the required packages.

STEP 1: update your Raspbian and install the packages that we need by typing:

sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get install dnsmasq iptables-persistent -y

STEP 2: Find the name of your Ethernet interface with ifconfig command (in my case eth0)

STEP 3: Disable the dhcpcd for the eth0 interface by editing the /etc/dhcpcd.conf with your favorite editor (i use nano)

sudo nano /etc/dhcpcd.conf

and adding the following line at the very bottom

denyinterfaces eth0

save and exit ( Press ctrl + o to save and ctrl +x to exit )

STEP 4:

Edit the /etc/network/interfaces file by typing :

sudo nano /etc/network/interfaces

if it has any line that contains eth0 (or you interface name) comment it out by adding a # to the start of the line

add the following to the bottom:

auto eth0
allow-hotplug eth0
iface eth0 inet static
    address 192.168.2.1
    netmask 255.255.255.0
    network 192.168.2.0
    broadcast 192.168.2.255

You can change the network settings as you want but you have to remember your changes for the dhcp server config later or you can leave it as it is

Optional:

if you want to use an external Wireless adapter you have to comment out the wpa_conf line

For external Wireless adapter add also the following at the bottom:

allow-hotplug wlan1
iface wlan1 inet manual
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

As the wlan1 being your wifi card name you see from ifconfig command early

again save and exit the file

STEP 5: Configure the DHCP service:

First we need to do a backup to the configuration file

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.bak

then edit the file

sudo nano /etc/dnsmasq.conf

and add this code

interface=eth0
listen-address=192.168.2.1
dhcp-range=192.168.2.10,192.168.2.100,12h
server=8.8.8.8
bind-interfaces
domain-needed
bogus-priv

Now if you change the if earler in the /etc/network/interfaces you need also to change it in these file.

I let the user to decide if he wants to use the ad-blocking dns server that we setup later if you dont want that you can change the 8.8.8.8 (Google DNS) with the 192.168.2.1 (the eth0 ip) or your preferred DNS. In my case in order the client to use the ad-blocking DNS must set a static DNS to the device that uses.

STEP 6: Configure internet sharing:

First setup ipv4 forwarding by editing the file

sudo nano /etc/sysctl.conf

find and uncomment this line by removing #

net.ipv4.ip_forward=1

To activate the changes you need to run:

sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

We also need to reset the IP table so we need to make a script to do that. Create a file named iptablereset.sh

sudo nano iptablereset.sh

and add the following:

#!/bin/sh
echo "Resetting the IP Tables"
ipt="/sbin/iptables"
## Failsafe - die if /sbin/iptables not found [ ! -x "$ipt" ] && { echo "$0: \"${ipt}\" command not found."; exit 1; }
$ipt -P INPUT ACCEPT
$ipt -P FORWARD ACCEPT
$ipt -P OUTPUT ACCEPT
$ipt -F
$ipt -X
$ipt -t nat -F
$ipt -t nat -X
$ipt -t mangle -F
$ipt -t mangle -X
$ipt -t raw -F
$ipt -t raw -X

Save and exit

We need to give the script executable permissions so we run:

sudo chmod +x iptablereset.sh

And then run it :

sudo ./iptablereset.sh

Also run the following to set the firewall rules (remember to change the wlan0 and the eth0 with your interface name you see in ifconfig):

sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
sudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT

To save the rules we added run:

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

We need this command to run on every boot so we edit the /etc/rc.local file:

sudo nano /etc/rc.local

Add this code before "exit 0"

iptables-restore < /etc/iptables.ipv4.nat

Thats all it for the basic part. Now you can use it but there is no ad-blocking yet.

To connect your old router with the raspberry you need an ethernet cable and you just connect the raspberry on any port you want but first :

To use it with a router you need to consider these 2 important things

You need to change your router IP address to a different ip address from the eth0 interface (In my case the eth0 has 192.168.2.1 and my router has 192.168.2.2)

2. You need to disable the DHCP on your router because we already setup one on the raspberry

Also if your router has bridge option select it. (optional)

STEP 7 (Optional): Install Pi-Hole:

To install Pi-Hole you need to run a single command

curl -sSL https://install.pi-hole.net | bash

if you have any problem visit https://pi-hole.net/

IMPORTANT:

Continue the GUI install until you get to this screen:

You need to press NO, then Change the ip to you eth0 ip (In my case 192.168.2.1)

Also chage the gateway if needed:

If the changes are OK click Yes and continue the GUI installer:

When you finish you should see something like this :

So restart as the installer says and ones it boots you can navigate to http://192.168.2.1/admin/ (if you make changes replace the ip with yours)

from here you can see statistics, block domains, whitelist and many more. Just go to https://pi-hole.net/and learn everything that does.

Congrats you now sharing the internet from WiFi to Your old router via ethernet using raspberry and if you install Pi-Hole you also blocking ads.

Project Details