AP热点以nat方式连接到网络,需要用到iptables这个工具来实现网卡的网络转发代理上网的功能,让我们网卡配置的AP热点实现上网功能。
1.iptables转发nat需要内核的支持,内核的配置:
[*] Networking support --->
Networking options --->
[*] Network packet filtering framework (Netfilter) --->
[*] Advanced netfilter configuration (NEW)
Core Netfilter Configuration --->
<*> Netfilter connection tracking support
<*> TFTP protocol support
<*> "connlimit" match support"
<*> "conntrack" connection tracking match support
<*> "mac" address match support
<*> "string" match support
<*> "time" match support
<*> Netfilter Xtables support (required for ip_tables)
<*> IP virtual server support --->
[*] Netfilter connection tracking
IP: Netfilter Configuration --->
<*> IPv4 connection tracking support (required for NAT)
[*] proc/sysctl compatibility with old connection tracking (NEW)
<*> IP tables support (required for filtering/masq/NAT)
<*> Packet filtering
<*> REJECT target support
<*> IPv4 NAT
<*> MASQUERADE target support
<*> NETMAP target support
<*> REDIRECT target support
2. iptables的交叉编译:
- 下载地址:http://www.netfilter.org/projects/iptables/files/iptables-1.4.12.2.tar.bz2
- tar zxvf tar zxvf iptables-1.4.12.2.tar.bz2
- cd iptables-1.4.12.2
- ./configure --host=arm-hisiv400-linux --prefix=/home/xy/onvif/iptables-1.4.1.2/install/ --enable-static --disable-shared
- make
- make install
- 在把在安装目录生成iptables复制到交叉编译平台的/usr/bin
3. echo 1 > /proc/sys/net/ipv4/ip_forward (打开IP转发功能)
4. iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE (以nat方式转发eth0网卡,这句执行成功就可以上网了)