Raspberry Pi 3

Installation

source: https://www.raspberrypi.com/software/operating-systems/

I downloaded Raspberry Pi OS Lite 64 bit: https://downloads.raspberrypi.com/raspios_lite_arm64/images/raspios_lite_arm64-2025-05-13/2025-05-13-raspios-bookworm-arm64-lite.img.xz

Preparing sdcard with imager

To install the OS onto the SD card I use Raspberry Pi Imager in a Windows VM.

Open
  > Show virtual hardware details
    > Add hardware
      > USB Host Device

I had trouble mounting the USB on the Windows VM; thankfully this user already found the solution: https://superuser.com/questions/1517074/usb-host-is-not-a-valid-device-name-error-when-trying-to-pass-usb-to-qemu

sudo pacman -S qemu-hw-usb-host

REMEMBER THIS while using the imager

  1. Create the username and password for login.
  2. Enable sshd
  3. Set the country code for wifi

After booting into the OS:

To get keyd:

sudo apt update
sudo apt install software-properties-common python3-launchpadlib

I got the keyd deb link from https://packages.debian.org/sid/arm64/keyd/download

wget http://ftp.us.debian.org/debian/pool/main/k/keyd/keyd_2.5.0-4_arm64.deb

The default config:

/etc/keyd/default.conf
[ids]

*

[main]

# Maps capslock to escape when pressed and control when held.
capslock = overload(control, esc)

Raspberry Pi as an adapter+router (wifi to wired internet access)

This bridge setup is identical to the one in the CCTV camera setup; the only difference is that in the latter we denied the network internet access.

Files:

/etc/systemd/network/10-bridge.netdev
[NetDev]
Name=br0
Kind=bridge

/etc/systemd/network/11-bridge-br0.network
[Match]
Name=br0

[Network]
# Prefix length given explicitly; systemd-networkd warns when it is omitted
Address=192.168.2.1/24

/etc/systemd/network/12-eth0-slave.network
[Match]
Name=eth0

[Network]
Bridge=br0

sudo systemctl enable systemd-networkd
sudo systemctl start systemd-networkd

Before proceeding to the remaining steps, confirm that br0 gets created and it gets the IP address mentioned earlier.

Note

  1. For br0 to show UP, at least one of its slave interfaces (here eth0) needs to have a physical link.
  2. APIPA address: 169.254.39.205/16 — This is a self-assigned address that Windows/Linux assigns when it tries to get a DHCP address but fails to get one from a DHCP server.

Now for the DNS server setup

sudo apt update
sudo apt install dnsmasq

/etc/dnsmasq.conf
# Only listen on the bridge interface
interface=br0

# Specify the DHCP range and lease time
dhcp-range=192.168.2.100,192.168.2.200,12h # Start IP, End IP, Lease time

# Gateway for DHCP clients (your bridge's IP)
dhcp-option=3,192.168.2.1

# DNS servers for DHCP clients (Google's DNS or your preferred)
dhcp-option=6,8.8.8.8,8.8.4.4

# Enable logging of DHCP transactions
log-dhcp

# You might want to uncomment this if you have issues with DNS resolution on the Pi itself
# bind-interfaces

Restart:

sudo systemctl restart dnsmasq

IPTables Rules for Internet Access (NAT/Masquerade)

sudo apt install iptables
sudo sysctl -w net.ipv4.ip_forward=1

To make it permanent:

/etc/sysctl.conf
net.ipv4.ip_forward=1

Masquerade rule:

sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
sudo iptables -A FORWARD -i wlan0 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i br0 -o wlan0 -j ACCEPT

Save this configuration with:

sudo apt install iptables-persistent

To save it manually later:

sudo netfilter-persistent save
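
The two FORWARD rules above only restrict traffic when the chain's default policy is DROP; with the stock ACCEPT policy every forwarded packet is allowed regardless. As an added example (not part of the original notes), this script audits an iptables-save dump for that and for the masquerade rule; audit_forward and both sample dumps are constructed for illustration, and wlan0/br0 are the interface names used above.

```sh
#!/bin/sh
# Added example (not from the original notes). audit_forward is a hypothetical
# helper; wlan0 (uplink) and br0 (LAN bridge) are the interface names used above.

# Reads `iptables-save` output on stdin and prints one finding per line.
audit_forward() {
    awk '
    /^\*/ { table = substr($0, 2) }                       # table header line
    table == "filter" && /^:FORWARD / { policy = $2 }     # chain default policy
    table == "filter" && /^-A FORWARD / && /-i wlan0/ && /-o br0/ && /-j ACCEPT/ {
        if ($0 ~ /(--state|--ctstate) [A-Z,]*ESTABLISHED/) stateful = 1
        else open_in = 1                                  # uplink to LAN, no state match
    }
    table == "nat" && /^-A POSTROUTING / && /-o wlan0/ && /-j MASQUERADE/ { nat = 1 }
    END {
        if (policy != "DROP") print "WARN forward-policy=" policy ": ACCEPT rules filter nothing"
        if (open_in)   print "WARN wlan0->br0 accepted without a connection-state match"
        if (!stateful) print "WARN no RELATED,ESTABLISHED return rule for wlan0->br0"
        if (!nat)      print "WARN no MASQUERADE rule on wlan0"
        if (policy == "DROP" && !open_in && stateful && nat) print "OK"
    }'
}

# Constructed sample: the three rules from this page on top of a default ruleset.
sample_as_configured() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i wlan0 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o wlan0 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o wlan0 -j MASQUERADE
COMMIT
EOF
}

# Constructed sample: the same rules with the FORWARD policy switched to DROP.
sample_default_drop() { sample_as_configured | sed 's/^:FORWARD ACCEPT/:FORWARD DROP/'; }

sample_as_configured | audit_forward
sample_default_drop | audit_forward
```

On the Pi itself, pipe sudo iptables-save into audit_forward. Running sudo iptables -P FORWARD DROP and then sudo netfilter-persistent save produces the second (OK) result.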

Google Gemini's advice:

Here are some recommended resources, categorized by type, to help you dive deeper:

1. Official Documentation & Man Pages (Essential!)

This is often overlooked but contains the most accurate and up-to-date information.

  • man pages: For any command or configuration file, the man page is your first stop.
    • man ip: For ip link, ip addr, ip route, etc.
    • man bridge: Information on the Linux bridge module.
    • man systemd-networkd: Overview of systemd-networkd.
    • man systemd.network: Details on the .network file format.
    • man systemd.netdev: Details on the .netdev file format.
    • man iptables: Comprehensive guide to iptables.
    • man dnsmasq: Detailed configuration options for dnsmasq.
    • man sysctl: For kernel parameters like ip_forward.
  • Arch Linux Wiki: Even if you're not on Arch, their wiki has exceptionally well-written, concise, and technically accurate guides for various Linux topics, including networking.

2. Books (For Structured, In-Depth Knowledge)

Books provide a structured learning path that often covers concepts from foundational to advanced.

  • "Linux Network Administrators Guide" (LNA Guide): An older but still highly relevant and free online resource. It covers fundamental concepts of TCP/IP and Linux networking components. While some tools might be different, the core principles are timeless.
  • "TCP/IP Illustrated, Vol. 1: The Protocols" by W. Richard Stevens: This is a classic for understanding TCP/IP at a fundamental level. While not Linux-specific, it will significantly deepen your understanding of why networking works the way it does, which is crucial for advanced troubleshooting and design. (Highly recommended if you want to understand protocols deeply).
  • "Understanding Linux Network Internals" by Christian Benvenuti: This book delves into the Linux kernel's networking stack. It's quite advanced but incredibly insightful if you want to know how everything works "under the hood."

3. Online Courses & Tutorials

  • Udemy/Coursera/edX: Search for "Linux Networking," "Network Administration," or "CompTIA Network+" courses. These can provide a good structured learning environment with video lectures.
  • YouTube Channels:
    • LevelUpTuts (specifically their Linux series): Good for practical, hands-on examples.
    • FreeCodeCamp: Often has full-length courses on Linux fundamentals that touch upon networking.
    • NetworkChuck / David Bombal: While often focused on Cisco/enterprise, they cover many core networking concepts that are universally applicable.
  • DigitalOcean Community Tutorials: Excellent practical guides for setting up various network services on Linux.
    • Search their site for "Linux networking," "iptables," "systemd-networkd," etc.

4. Labs and Hands-On Practice

This is arguably the most important. You learn best by doing and breaking things.

  • Continue with your Raspberry Pi project: Extend it!
    • Set up a firewall with specific port forwarding.
    • Implement QoS (Quality of Service).
    • Set up a VPN server.
    • Experiment with VLANs on your bridge (if your eth0 supports it or with a managed switch).
  • Virtual Machines (VMs): Use tools like VirtualBox or KVM/QEMU to create a virtual network.
    • Set up multiple Linux VMs.
    • Create virtual switches/bridges.
    • Experiment with routing between different virtual subnets.
    • Simulate different network topologies.
  • Network Emulators:
    • GNS3 / EVE-NG: These are more advanced tools for simulating complex network topologies with virtual routers, switches, and Linux hosts. They allow you to practice routing protocols, complex firewall rules, and more in a controlled environment.
  • Packet Tracer (Cisco): While Cisco-specific, it's a good tool for understanding fundamental networking concepts and building simple network diagrams.

5. Community Forums & Q&A Sites

  • Stack Overflow / Server Fault: For specific technical questions or troubleshooting.
  • Reddit (r/linuxadmin, r/networking, r/sysadmin): Great for discussions, seeing how others solve problems, and asking questions.

Specific Topics to Explore Next:

  • Advanced IPTables/Netfilter:
    • Chains (INPUT, OUTPUT, FORWARD, PREROUTING, POSTROUTING)
    • Tables (filter, nat, mangle, raw)
    • conntrack module
    • Rate limiting, logging, specific target jumps (REJECT, DROP, LOG)
  • Routing:
    • Static vs. Dynamic Routing
    • Routing tables (ip route show)
    • Metric, Gateway, Interfaces
    • Understanding how packets traverse networks
  • Network Namespaces: A powerful Linux feature for creating isolated network environments. Essential for containers (Docker, LXC).
  • VLANs (Virtual LANs): How to segment networks logically.
  • VPNs: OpenVPN, WireGuard, IPsec.
  • Network Monitoring & Troubleshooting Tools:
    • ss, netstat (legacy), lsof
    • nmap (for scanning)
    • ping, traceroute, mtr, dig, nslookup
  • Network Protocols: Dive deeper into ARP, ICMP, UDP, TCP handshakes, HTTP, DNS queries.

Start with the man pages and the Arch Linux Wiki for specific components, then use books and online courses to build a more holistic understanding. And most importantly, keep experimenting! The more you build and break, the more you'll learn.

