wilhelmberg · May 1, 2019 20:23 · May 17, 2015 · May 17, 2015 · May 17, 2015 · May 16, 2015
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -1,3 +1,5 @@
+raspberry pi connected to internet via ethernet, client with Mapbox Studio connect to raspberry pi via wifi
+
 * get raspberry pi 2
 * setup ubuntu
 * get usb wifi dongle that supports master (AP) mode, e.g. with RT5370 chip. [Search on Amazon](http://amzn.to/1Fitqii)

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -106,6 +106,8 @@ iptables -t mangle -X
 iptables -P INPUT ACCEPT
 iptables -P FORWARD ACCEPT
 iptables -P OUTPUT ACCEPT
+iptables -t raw -F
+iptables -t raw -X
 ```
 
 # proxy

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -95,6 +95,19 @@ Didn't work for me.
 
 However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after reboot works for me.
 
+Clear all iptables rules:
+```
+iptables -F
+iptables -X
+iptables -t nat -F
+iptables -t nat -X
+iptables -t mangle -F
+iptables -t mangle -X
+iptables -P INPUT ACCEPT
+iptables -P FORWARD ACCEPT
+iptables -P OUTPUT ACCEPT
+```
+
 # proxy
 
 [Help Ubuntu: Squid - Proxy Server](https://help.ubuntu.com/lts/serverguide/squid.html)

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -113,7 +113,7 @@ However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after
 #auth_param digest realm proxy
 #acl authenticated proxy_auth REQUIRED
 #http_access allow authenticated
-# Comment following line for no authentication
+# Comment following line when using authentication
 http_access allow all
 http_port 3128
 ```

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -108,10 +108,13 @@ However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after
 * `nano /etc/squid3/squid.conf`
 
 ```
-auth_param digest program /usr/lib/squid3/digest_file_auth -c /etc/squid3/passwords
-auth_param digest realm proxy
-acl authenticated proxy_auth REQUIRED
-http_access allow authenticated
+# Uncomment following lines to activate authentication
+#auth_param digest program /usr/lib/squid3/digest_file_auth -c /etc/squid3/passwords
+#auth_param digest realm proxy
+#acl authenticated proxy_auth REQUIRED
+#http_access allow authenticated
+# Comment following line for no authentication
+http_access allow all
 http_port 3128
 ```
 

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -118,3 +118,6 @@ http_port 3128
 * `service squid3 restart`
 * `htdigest -c /etc/squid3/passwords proxy FIRSTUSER`
 * `htdigest /etc/squid3/passwords proxy SECONDUSER`
+
+
+Check if it is working: `tail -f /var/log/squid3/access.log`
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -71,10 +71,11 @@ dhcp-range=10.10.10.2,10.10.10.150,255.255.255.0,12h
 * ~~`iptables -A FORWARD -i wlan1 -o eth0 -p tcp --dport 3128 -j ACCEPT`~~
 
 
-* iptables -A INPUT -s 10.10.10.0/24 -p tcp --dport 3128 -j ACCEPT
-* iptables -A INPUT -p tcp --dport 3128 -j DROP
-* iptables -A OUTPUT -d 10.10.10.0/24 -p tcp --sport 3128 -j ACCEPT
-* iptables -A OUTPUT -p tcp --sport 3128 -j DROP 
+* `iptables -A INPUT -s 10.10.10.0/24 -p tcp --dport 3128 -j ACCEPT`
+* `iptables -A INPUT -p tcp --dport 3128 -j DROP`
+* `iptables -A OUTPUT -d 10.10.10.0/24 -p tcp --sport 3128 -j ACCEPT`
+* `iptables -A OUTPUT -p tcp --sport 3128 -j DROP`
+
 
 * `iptables-save > /etc/iptables.nat`
 * `echo '#!/bin/bash' > /etc/network/if-up.d/forwarding && echo 'iptables-restore < /etc/iptables.nat' >> /etc/network/if-up.d/forwarding && chmod +x /etc/network/if-up.d/forwarding`

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -64,11 +64,13 @@ dhcp-range=10.10.10.2,10.10.10.150,255.255.255.0,12h
 * `sysctl -p`
 * `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE`
 
+
 * ~~`iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT`~~
 * ~~`iptables -A FORWARD -i eth0 -o wlan1 -p tcp --dport 3128 -m state --state RELATED,ESTABLISHED -j ACCEPT`~~
 * ~~`iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT`~~
 * ~~`iptables -A FORWARD -i wlan1 -o eth0 -p tcp --dport 3128 -j ACCEPT`~~
 
+
 * iptables -A INPUT -s 10.10.10.0/24 -p tcp --dport 3128 -j ACCEPT
 * iptables -A INPUT -p tcp --dport 3128 -j DROP
 * iptables -A OUTPUT -d 10.10.10.0/24 -p tcp --sport 3128 -j ACCEPT

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -64,15 +64,15 @@ dhcp-range=10.10.10.2,10.10.10.150,255.255.255.0,12h
 * `sysctl -p`
 * `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE`
 
-~~* `iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT`
-* `iptables -A FORWARD -i eth0 -o wlan1 -p tcp --dport 3128 -m state --state RELATED,ESTABLISHED -j ACCEPT`
-* `iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT`
-* `iptables -A FORWARD -i wlan1 -o eth0 -p tcp --dport 3128 -j ACCEPT`~~
-
-iptables -A INPUT -s 10.10.10.0/24 -p tcp --dport 3128 -j ACCEPT
-iptables -A INPUT -p tcp --dport 3128 -j DROP
-iptables -A OUTPUT -d 10.10.10.0/24 -p tcp --sport 3128 -j ACCEPT
-iptables -A OUTPUT -p tcp --sport 3128 -j DROP 
+* ~~`iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT`~~
+* ~~`iptables -A FORWARD -i eth0 -o wlan1 -p tcp --dport 3128 -m state --state RELATED,ESTABLISHED -j ACCEPT`~~
+* ~~`iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT`~~
+* ~~`iptables -A FORWARD -i wlan1 -o eth0 -p tcp --dport 3128 -j ACCEPT`~~
+
+* iptables -A INPUT -s 10.10.10.0/24 -p tcp --dport 3128 -j ACCEPT
+* iptables -A INPUT -p tcp --dport 3128 -j DROP
+* iptables -A OUTPUT -d 10.10.10.0/24 -p tcp --sport 3128 -j ACCEPT
+* iptables -A OUTPUT -p tcp --sport 3128 -j DROP 
 
 * `iptables-save > /etc/iptables.nat`
 * `echo '#!/bin/bash' > /etc/network/if-up.d/forwarding && echo 'iptables-restore < /etc/iptables.nat' >> /etc/network/if-up.d/forwarding && chmod +x /etc/network/if-up.d/forwarding`

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -63,12 +63,12 @@ dhcp-range=10.10.10.2,10.10.10.150,255.255.255.0,12h
   * uncomment `net.ipv4.ip_forward=1`
 * `sysctl -p`
 * `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE`
-~~
-* `iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT`
+
+~~* `iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT`
 * `iptables -A FORWARD -i eth0 -o wlan1 -p tcp --dport 3128 -m state --state RELATED,ESTABLISHED -j ACCEPT`
 * `iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT`
-* `iptables -A FORWARD -i wlan1 -o eth0 -p tcp --dport 3128 -j ACCEPT`
-~~
+* `iptables -A FORWARD -i wlan1 -o eth0 -p tcp --dport 3128 -j ACCEPT`~~
+
 iptables -A INPUT -s 10.10.10.0/24 -p tcp --dport 3128 -j ACCEPT
 iptables -A INPUT -p tcp --dport 3128 -j DROP
 iptables -A OUTPUT -d 10.10.10.0/24 -p tcp --sport 3128 -j ACCEPT

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -63,8 +63,17 @@ dhcp-range=10.10.10.2,10.10.10.150,255.255.255.0,12h
   * uncomment `net.ipv4.ip_forward=1`
 * `sysctl -p`
 * `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE`
+~~
 * `iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT`
+* `iptables -A FORWARD -i eth0 -o wlan1 -p tcp --dport 3128 -m state --state RELATED,ESTABLISHED -j ACCEPT`
 * `iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT`
+* `iptables -A FORWARD -i wlan1 -o eth0 -p tcp --dport 3128 -j ACCEPT`
+~~
+iptables -A INPUT -s 10.10.10.0/24 -p tcp --dport 3128 -j ACCEPT
+iptables -A INPUT -p tcp --dport 3128 -j DROP
+iptables -A OUTPUT -d 10.10.10.0/24 -p tcp --sport 3128 -j ACCEPT
+iptables -A OUTPUT -p tcp --sport 3128 -j DROP 
+
 * `iptables-save > /etc/iptables.nat`
 * `echo '#!/bin/bash' > /etc/network/if-up.d/forwarding && echo 'iptables-restore < /etc/iptables.nat' >> /etc/network/if-up.d/forwarding && chmod +x /etc/network/if-up.d/forwarding`
 * `shutdown -r now`

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -104,6 +104,5 @@ http_port 3128
 ```
 
 * `service squid3 restart`
-
 * `htdigest -c /etc/squid3/passwords proxy FIRSTUSER`
 * `htdigest /etc/squid3/passwords proxy SECONDUSER`
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -86,6 +86,7 @@ However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after
 # proxy
 
 [Help Ubuntu: Squid - Proxy Server](https://help.ubuntu.com/lts/serverguide/squid.html)
+
 [Minimal squid3 proxy configuration](http://dabase.com/blog/Minimal_squid3_proxy_configuration/)
 
 * `apt-get install apache2-utils`

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -85,4 +85,24 @@ However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after
 
 # proxy
 
-[Help Ubuntu: Squid - Proxy Server](https://help.ubuntu.com/lts/serverguide/squid.html)
+[Help Ubuntu: Squid - Proxy Server](https://help.ubuntu.com/lts/serverguide/squid.html)
+[Minimal squid3 proxy configuration](http://dabase.com/blog/Minimal_squid3_proxy_configuration/)
+
+* `apt-get install apache2-utils`
+* `apt-get install squid3`
+* `sudo cp /etc/squid3/squid.conf /etc/squid3/squid.conf.original`
+* `sudo chmod a-w /etc/squid3/squid.conf.original`
+* `nano /etc/squid3/squid.conf`
+
+```
+auth_param digest program /usr/lib/squid3/digest_file_auth -c /etc/squid3/passwords
+auth_param digest realm proxy
+acl authenticated proxy_auth REQUIRED
+http_access allow authenticated
+http_port 3128
+```
+
+* `service squid3 restart`
+
+* `htdigest -c /etc/squid3/passwords proxy FIRSTUSER`
+* `htdigest /etc/squid3/passwords proxy SECONDUSER`
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -84,3 +84,5 @@ Didn't work for me.
 However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after reboot works for me.
 
 # proxy
+
+[Help Ubuntu: Squid - Proxy Server](https://help.ubuntu.com/lts/serverguide/squid.html)
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -6,6 +6,8 @@ This is based on [WiFi AP (RT5370) on Raspberry Pi](http://rpi.vypni.net/wifi-ap
 
 *don't forget to adjust to your adapters: `eth0` and `wlan1` used here*
 
+# hotspot/access point
+
 * `sudo su -`, opens root console, that redirect `>` works
 * `lsusb`, should show `148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter`
 * `apt-get install hostapd dnsmasq`
@@ -77,4 +79,8 @@ ARGS="-q -f -u0 -d10 -w -I"
 SUSPEND_ACTION="stop"
 ```
 
-Didn't work for me. However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after reboot works for me.
+Didn't work for me.
+
+However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after reboot works for me.
+
+# proxy
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -65,7 +65,8 @@ dhcp-range=10.10.10.2,10.10.10.150,255.255.255.0,12h
 * `iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT`
 * `iptables-save > /etc/iptables.nat`
 * `echo '#!/bin/bash' > /etc/network/if-up.d/forwarding && echo 'iptables-restore < /etc/iptables.nat' >> /etc/network/if-up.d/forwarding && chmod +x /etc/network/if-up.d/forwarding`
-
+* `shutdown -r now`
+
 The author of [WiFi AP (RT5370) on Raspberry Pi](http://rpi.vypni.net/wifi-ap-rt5370-on-raspberry-pi/) states that it doesn't work after a reboot. He solved it with:
 * `nano /etc/default/ifplugd`
 

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -2,7 +2,8 @@
 * setup ubuntu
 * get usb wifi dongle that supports master (AP) mode, e.g. with RT5370 chip. [Search on Amazon](http://amzn.to/1Fitqii)
 
-Based on [WiFi AP (RT5370) on Raspberry Pi](http://rpi.vypni.net/wifi-ap-rt5370-on-raspberry-pi/)
+This is based on [WiFi AP (RT5370) on Raspberry Pi](http://rpi.vypni.net/wifi-ap-rt5370-on-raspberry-pi/)
+
 *don't forget to adjust to your adapters: `eth0` and `wlan1` used here*
 
 * `sudo su -`, opens root console, that redirect `>` works

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -1,6 +1,6 @@
 * get raspberry pi 2
 * setup ubuntu
-* get usb wifi dongle that supports master AP) mode, e.g. with RT5370 chip. [Search on Amazon](http://amzn.to/1Fitqii)
+* get usb wifi dongle that supports master (AP) mode, e.g. with RT5370 chip. [Search on Amazon](http://amzn.to/1Fitqii)
 
 Based on [WiFi AP (RT5370) on Raspberry Pi](http://rpi.vypni.net/wifi-ap-rt5370-on-raspberry-pi/)
 *don't forget to adjust to your adapters: `eth0` and `wlan1` used here*

diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -44,3 +44,35 @@ rsn_pairwise=CCMP
 DAEMON_CONF="/etc/hostapd/hostapd.conf"
 ```
 
+* `/etc/init.d/hostapd restart`
+* `update-rc.d hostapd enable`
+* `nano /etc/dnsmasq.conf`
+
+```
+interface=wlan1 
+except-interface=eth0
+dhcp-range=10.10.10.2,10.10.10.150,255.255.255.0,12h
+```
+
+* `/etc/init.d/dnsmasq restart`
+* `update-rc.d dnsmasq enable`
+* `nano /etc/sysctl.conf`
+  * uncomment `net.ipv4.ip_forward=1`
+* `sysctl -p`
+* `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE`
+* `iptables -A FORWARD -i eth0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT`
+* `iptables -A FORWARD -i wlan1 -o eth0 -j ACCEPT`
+* `iptables-save > /etc/iptables.nat`
+* `echo '#!/bin/bash' > /etc/network/if-up.d/forwarding && echo 'iptables-restore < /etc/iptables.nat' >> /etc/network/if-up.d/forwarding && chmod +x /etc/network/if-up.d/forwarding`
+
+The author of [WiFi AP (RT5370) on Raspberry Pi](http://rpi.vypni.net/wifi-ap-rt5370-on-raspberry-pi/) states that it doesn't work after a reboot. He solved it with:
+* `nano /etc/default/ifplugd`
+
+```
+INTERFACES="eth0"
+HOTPLUG_INTERFACES="eth0"
+ARGS="-q -f -u0 -d10 -w -I"
+SUSPEND_ACTION="stop"
+```
+
+Didn't work for me. However, reissuing `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` after reboot works for me.
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -1,4 +1,46 @@
 * get raspberry pi 2
 * setup ubuntu
-* get usb wifi dongle that supports master mode
-* `sudo  apt-get update && sudo apt-get install hostapd`
+* get usb wifi dongle that supports master AP) mode, e.g. with RT5370 chip. [Search on Amazon](http://amzn.to/1Fitqii)
+
+Based on [WiFi AP (RT5370) on Raspberry Pi](http://rpi.vypni.net/wifi-ap-rt5370-on-raspberry-pi/)
+*don't forget to adjust to your adapters: `eth0` and `wlan1` used here*
+
+* `sudo su -`, opens root console, that redirect `>` works
+* `lsusb`, should show `148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter`
+* `apt-get install hostapd dnsmasq`
+* `nano /etc/network/interfaces`
+
+```
+allow-hotplug wlan1
+iface wlan1 inet static
+  address 10.10.10.1
+  netmask 255.255.255.0
+
+#wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
+iface default inet manual
+```
+
+* `nano  /etc/hostapd/hostapd.conf`
+
+```
+interface=wlan1
+driver=nl80211
+ssid=MAPBOX-STUDIO-PROXY
+hw_mode=g
+channel=6
+macaddr_acl=0
+auth_algs=1
+ignore_broadcast_ssid=0
+wpa=2
+wpa_passphrase=MY_SUPER_SECRET_PASSWORD
+wpa_key_mgmt=WPA-PSK
+wpa_pairwise=TKIP
+rsn_pairwise=CCMP
+```
+
+* `nano /etc/default/hostapd`
+
+```
+DAEMON_CONF="/etc/hostapd/hostapd.conf"
+```
+
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -1,4 +1,4 @@
 * get raspberry pi 2
 * setup ubuntu
 * get usb wifi dongle that supports master mode
-* 
+* `sudo  apt-get update && sudo apt-get install hostapd`
diff --git a/Mapbox-Studio-Proxy-Setup.md b/Mapbox-Studio-Proxy-Setup.md
@@ -0,0 +1,4 @@
+* get raspberry pi 2
+* setup ubuntu
+* get usb wifi dongle that supports master mode
+*