Raspberry Üzerinde Wireguard Client + AP Kurulumu

Portable Raspberry Pi Wireguard Tunnel
REQUIREMENTS:

Raspberry Pi with Raspbian installed.
Minimal, working knowledge in Linux.
Obtain a subscription from a Wireguard supported VPN provider. I recommend (Mullvad VPN).
Obtain a Wireguard configuration file from your provider.
Update Raspbian. sudo apt update && sudo apt-get upgrade
Install the neccessary dependencies. sudo apt-get install hostapd dnsmasq libmnl-dev linux-headers-rpi build-essential git dnsutils bc raspberrypi-kernel-headers iptables-persistent
Install Wireguard on the Raspberry Pi
git clone https://git.zx2c4.com/WireGuard
cd WireGuard/src
make
sudo make install
sudo modprobe wireguard
Move the Wireguard configuration file from Downloads to /etc/wireguard/ sudo mv .conf /etc/wireguard/
Bring up the Wireguard interface and set Wireguard to start on boot using the moved configuration file.
sudo wg-quick up
sudo systemctl enable wg-quick@.service
Set up the wireless network on the Pi. This will be the network that other devices connect to.
a. Edit the file /etc/default/hostapd and insert the following directory in DAEMON_CONF
sudo nano /etc/default/hostapd

DAEMON_CONF=”/etc/hostapd/hostapd.conf”
b. Create the hostapd configuration file and edit it as shown.

sudo touch /etc/hostapd/hostapd.conf
sudo nano /etc/hostapd/hostapd.conf
Type or paste in:
interface=wlan0
hw_mode=g
channel=10
ieee80211d=1
country_code=US
ieee80211n=1
wmm_enabled=1

ssid=
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase= c. Reconfigure the network interfaces on the Raspberry Pi sudo nano /etc/network/interfaces

Type or paste in:
auto wlan0
iface wlan0 inet static
address 10.100.100.1
netmask 24

allow-hotplug eth0
iface eth0 inet dhcp

allow-hotplug usb0
iface usb0 inet dhcp

allow-hotplug wlan1
iface wlan1 inet dhcp
wpa-driver wext
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
d. Create a new dnsmasq configuration file

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
sudo touch /etc/dnsmasq.conf
Type or paste in:
dhcp-authoritative
interface=wlan0
listen-address=10.100.100.1
dhcp-range=10.100.100.50,10.100.100.150,12h
read-ethers
bogus-priv
domain-needed
dhcp-option=option:dns-server,10.100.100.1
Setup forwarding and NAT sudo nano /etc/sysctl.conf Uncomment this line: net.ipv4.ip_forward=1 Then execute these commands to setup the NAT rules:
sudo iptables -t nat -A POSTROUTING -o -j MASQUERADE
sudo iptables -A FORWARD -i wlan0 -o -j ACCEPT
sudo iptables -A FORWARD -i -o wlan0 -m state –state RELATED,ESTABLISHED -j ACCEPT

sudo systemctl enable netfilter-persistent
sudo netfilter-persistent save
Turn on the wireless network and hope that it works.
sudo ifup wlan0
sudo service dnsmasq start
sudo service hostapd start
sudo update-rc.d hostapd enable
Restart the Raspberry Pi and confirm that everything works after a restart.