Debian NAT Support


#1

root@chip:~# uname -a
Linux chip 4.4.11-ntc #1 SMP Sat May 28 00:27:07 UTC 2016 armv7l GNU/Linux
root@chip:~# iptables -t nat -nvL
iptables v1.4.21: can’t initialize iptables table `nat’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
root@chip:~#

This machine has two wifi interfaces. It is crying out to have one used as a client and one as an access point, but the kernel doesn’t have NAT support built in.

Please consider adding NAT support to your standard kernel builds.


New kernel live in apt repos! Flashable images also online!
#2

Build your own kernel, bro!
The standard kernel has to consider a trade-off between size and functionality. Building everything into the kernel increases the size and takes more memory.
Although I do think there could be multiple standard kernels available for selection: a slim kernel as default, and a mega kernel with more functionality. Currently the kernel sources take out over 1GB of the little 4GB onboard storage I have, and eventually this would be an issue.


#3

I understand there is a trade off and in this case the trade off is worth it. We’re talking about adding a few kilobytes to a kernel which is only a few megabytes in size, and in return for that, we can use the device as a NAT router, which is probably the most common use case for a device with more than one available wifi interface. I don’t know why you’re talking about 1GB of kernel source. The kernel source wont shrink if you exclude NAT from the built kernel image.


#4

If you want this feature bad enough, submit a pull request with the appropriate config mods to the CHIP-linux repo. That’s the best way to get what you want included. NTC may say no, but at least it puts it on their radar.


#5

Good advice. Should get a chance to build a custom kernel this weekend. Will submit a pull request when I’ve confirmed it’s working.


#6

Based on the same logic: let’s build USB camera support into the kernel, adding a few kilobytes, and in return for that, we can use the device as a home surveillance camera, which is probably the most common use case for a device with both a WiFi interface and a USB host port.
Same argument goes for almost every kernel module.

However, I hope NTC guys can compile the kernel (minimally) and modulize all other features that we can download when needed, so that I don’t have to spend that 1GB space for kernel sources.

C.H.I.P has only one WiFi interface. It has two virtual interfaces, but they both work at the same radio channel.
NAT is evil. It’s not in any IETF standard. IPv4 should die altogether. Let’s use IPv6 and forget about NAT altogether.


#7

Yes, absolutely. Build in support for USB camera support. The device is less useful without it. The people like you who want to build specialised kernels with minimal support should be the ones building the replacement kernels. Out of the box, it should support all the hardware and common use cases. It works for the Raspberry Pi. I don’t know why you keep saying “1GB” when what we’re talking about is a kernel that’s about 4MB on disk. The size of the kernel sources is irrelevant.

I know that the C.H.I.Ps two interfaces are virtual. That is completely irrelevant. NAT and IPv4 are standard and widely (almost universally) used, and your personal opinions on their evilness are not important.


#8

It has two physical interfaces & not virtual. For confirmation you can use “iw dev” command.

NAT/IP-tables are most important modules.Without them CHIP is useless board.

Plus there is no any guide which inform step by step procedure to enable support for NAT/IP table.


#9

Exactly. The vast majority of use cases for using two wifi interfaces involve using NAT. The Chip is useless as a router without it. It boggles my mind that it doesn’t come with the software required to take advantage of the hardware it has. It’s a brick without it.