Прошил TP-Link TL-MR3020 на openwrt, теперь для настройки его нужно подключить к инету. В качестве доступа в инет выступает 3g модем Е1550. Нашёл скрипт для NAT ppp0 to eth0
#!/bin/bash
#NAT script from www.debian-administration.org, modified by CRImier
# Exit status 0 if operation is correct
# Exit status 1 if trying to use last interface used when running for the first time
# Exit status 2 if interface doesn't exist
EIF=''
IIF='enp2s0'
PATH=/usr/sbin:/sbin:/bin:/usr/bin
LOGFILE=/etc/nat-if.conf
touch $LOGFILE
#
#Checking command-line arguments and setting $EIF variable according to them
#
if [[ $1 == "" ]] #If there's no arguments, just use previous settings.
then
EIF=`cat $LOGFILE`
if [[ $EIF == "" ]] #Just check for an empty file!
then
echo "Please, specify interface name for first usage using 'firewall interface', e.g. 'firewall eth0'"
exit 1
fi
elif [ $1 == "help" ] #Output help message
then
echo "NAT script"
echo "(c) www.debian-administration.org, modified by CRImier"
echo "Usage: 'firewall interface', 'firewall info' or simply 'firewall' to use last interface firewall was set on."
echo "Argument is external interface name, internal interface name is hard-coded in the script"
exit 0
elif [ $1 == "info" ] #Print interface firewall is set on
then
cat $LOGFILE
exit 0
else
ifconfig $1 &>/dev/null
if [ $? == 0 ]
then #Interface name must be correct as ifconfig gives 0 exit code
EIF=$1
echo $EIF > $LOGFILE
else
echo "Incorrect interface name"
exit 2
fi
fi
#
#$EIF is set correctly, let's apply the rules:
#
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $EIF -o $IIF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $IIF -o $EIF -j ACCEPT
iptables -t nat -A POSTROUTING -o $EIF -j MASQUERADE
iptables -A FORWARD -i $EIF -o $IIF -j REJECT
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "Firewall started."
root@OpenWrt:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
ping: sendto: Network is unreachable
root@OpenWrt:~#
$ ifconfig
enp2s0 Link encap:Ethernet HWaddr 54:04:A6:0C:96:7D
inet addr:192.168.1.106 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2357 errors:0 dropped:0 overruns:0 frame:0
TX packets:3468 errors:0 dropped:0 overruns:0 carrier:5
collisions:0 txqueuelen:1000
RX bytes:507952 (496.0 Kb) TX bytes:293028 (286.1 Kb)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:3797 errors:0 dropped:0 overruns:0 frame:0
TX packets:3797 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:182862 (178.5 Kb) TX bytes:182862 (178.5 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.62.247.48 P-t-P:10.64.64.64 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:1728 errors:0 dropped:0 overruns:0 frame:0
TX packets:1706 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1265129 (1.2 Mb) TX bytes:205882 (201.0 Kb)
~$
P.S. Забыл настройки openwrt
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdf1:4ec1:693e::/48'
config interface 'lan'
option ifname 'eth0'
option force_link '1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option dns '8.8.8.8'
root@OpenWrt:~#