After building my DIY 16.5 dBi (probably with pornographic levels of VSWR – hopefully i can get an antenna analyzer on that by the next few weeks) and proofing the concept of a feasible 3G gateway, i had to put everything inside a nice IP65 box and set it up outside. Initially i was aiming at using a modded WR703N with Rooter firmware and a Huawei E3131. After burning both of them, i had to resort to a Raspberry Pi Zero.
Principle of operation: Raspberry Pi handles the PPP session from the USB modem, creates an WiFi network via hostapd and uses iptables for the rest.
Notes on weatherproofing something
- water + electronics = bad. Solution?
- Sealed box.
- heat + electronics = bad. Solution?
- Sealed box with ventilation.
- Sealed box with ventilation + electronics = moisture during low temperature. Solution?
- Heat it when it’s cold.
- 230VAC outside = bad idea. Solution?
- Industrial grade 230VAC to 5VDC PSU – i used this one from Mean Well – RS-35-5 (link to manufacturer) placing it within the attic and routing 5m of 2×0.75mm2 cable outside – 6m total, minimum voltage drop.
So, this is not a trivial problem to solve. My solution? IP65 grade box (IP rating table right here) with a breathing hole, DHT22 sensor inside, DS18B20 outside, python measuring things. More details below…
Sure this won’t fix the issue but will allow me to keep an eye on the box health concerning humidity during winter, and heat during the summer.
I killed my WR703N
Before continuing, i burned my finished WR703N. My goal from the start was to avoid having 230VAC outside. But on my testing i used a laptop PSU with 3 wires: 5VDC and 12VDC. On my final testing i smelled smoke. You got the picture…
You don’t? Here it goes.
Out the WR703N, in the Pi
This was pretty much straightforward. I connected a powered 4 port USB hub to the Pi via USB OTG cable. The Hub hosts the E3131 modem and a Ralink based RT5730 dongle with RP-SMA connector.
I used USB-Y cables as a power aid for both the Pi and the Hub. Then, it was just a matter of configuring the software.
This sub-project takes care of all the temperature monitoring. But we still have work to do: after setting up Raspbian, we need to configure WVDial to dial the PPP connection and IPTables to set up NAT.
PPP and NAT configuration
This is also straightforward:
All steps below should be done as root user (sudo -i )
sudo apt-get install -y usb-modeswitch ppp wvdial
Configure wvdial.conf (/etc/wvdial.conf) – for my operator MEO and for a Huawei USB dongle – settings will vary depending on the config…
[Dialer Defaults] New PPPD = yes Dial Command = ATDT Dial Attempts = 3 Modem = /dev/ttyUSB0 Modem Type = Analog Modem ISDN = 0 Baud = 115200 Username = tmn Password = tmn Init1 = ATZ Init2 = AT&F E1 V1 X1 &D2 &C1 S0=0 [Dialer MEO] Carrier Check = on Auto Reconnect = on Idle Seconds = 0 Phone = *99***1# Stupid Mode = 1 Init3 = AT+CGDCONT=1,"IP","internet"
Now tune /etc/network/interfaces and insert in the end:
auto ppp0 iface ppp0 inet wvdial provider MEO
And at /etc/rc.local
The following information to auto startup the ppp session.
sudo nano /etc/sysctl.conf
$ sudo sysctl -w net.ipv4.ip_forward=1
We need iptables for NAT
sudo apt-get install iptables
And we’ll create a rule set under /root/ folder with name ipt.sh
#!/bin/bash LAN="wlan0" WAN="ppp0" # flush tables iptables -F iptables -t nat -F # apply routing iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE iptables -A FORWARD -i $WAN -o $LAN -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
Set it to executable:
chmod +x ~/ipt.sh sudo ~/ipt.sh And set it to start up with the system: sudo sh -c "iptables-save > /etc/iptables.ipv4.nat" Go to the file /etc/rc.local and before exit 0
/home/ipt.sh Now create the file /etc/network/if-up.d/iptables
#!/bin/bash /sbin/iptables-restore < /etc/iptables.ipv4.nat
Set it executable
sudo chmod +x /etc/network/if-up.d/iptables
No. We're not done!
Install hostapd and dnsmasq:
aptitude install hostapd dnsmasq
Edit file with network settings to some static IP of wlan0:
And wlan0 section should like:
allow-hotplug wlan0 iface wlan0 inet static address 192.168.100.1 netmask 255.255.255.0 #wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf iface default inet manual
(close nano with Ctrl+X, then Y and Enter)
After that, get down and up wlan0 interface and check, if you have your IP set it up on interface
ifdown wlan0; ifup wlan0 ifconfig wlan0 # this command should wrote these informations # as you can see, there is right IP wlan0 Link encap:Ethernet HWaddr xx:xx:xx:xx:xx:xx inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Create new configuration for hostapd in /etc/hostapd/hostapd.conf and put there this info:
# you can create it with command
nano /etc/hostapd/hostapd.conf #write info below into file interface=wlan0 driver=nl80211 ssid=RaspberryPi_AP hw_mode=g channel=6 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0 wpa=2 wpa_passphrase=your_password_here wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP
Edit files /etc/default/hostapd and uncomment DAEMON_CONF, and add path to config. So line will looks like this:
Then, you can finally restart hostapd, and you have your hotspot up and running.
/etc/init.d/hostapd restart # allow hostapd after boot update-rc.d hostapd enable
Your hotspot is running, but you need to run some DHCP client for your clients which will use your hotspot. Edit and change these parameters in dnsmasq (and restart it):
#edit dnsmasq by following command
#find and change following parameters.. (or you can add these on end of the file
interface=wlan0 except-interface=eth0 dhcp-range=192.168.100.2,192.168.100.150,255.255.255.0,12h # restart dnsmasq /etc/init.d/dnsmasq restart # allow dnsmasq after boot update-rc.d dnsmasq enable
I found out my ISP blocks routing on these ppp interfaces, so i cannot get direct SSH or Web Access to the device.
On my next post i'll explain on how to do a reverse SSH session to another WAN available pi.
Also, rpi-monitor is a great project for remote monitoring. Here's a sneak peak:
And temperature graphs via rrdtool, embedded and managed via rpi-monitor. (howto to follow soon)