# Do IP mangling for checksum error issue after disable_dgaf=1
iptables -A POSTROUTING -t mangle -p udp --dport 68 -j CHECKSUM --checksum-fill
-# Do block ARP from ESP8266 to itself to avoid DHCPDECLINE
-arptables -A INPUT -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72
-arptables -A OUTPUT -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72
-arptables -A FORWARD -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72
-
# block everything except ssh, icmp, http, and dhcp
# Configure NAT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Protocol ICMP
iptables -A FORWARD -j ACCEPT -p icmp;
-iptables -A INPUT -j ACCEPT -s 192.168.1.198 -d 192.168.1.1 -p icmp;
-iptables -A INPUT -j ACCEPT -s 192.168.1.1 -d 192.168.1.198 -p icmp;
-iptables -A OUTPUT -j ACCEPT -s 192.168.1.198 -d 192.168.1.1 -p icmp;
-iptables -A OUTPUT -j ACCEPT -s 192.168.1.1 -d 192.168.1.198 -p icmp;
+iptables -A INPUT -j ACCEPT -p icmp;
+iptables -A OUTPUT -j ACCEPT -p icmp;
# SSH port 22
+# Note: 192.168.1.198 is the address of the master Raspberry Pi.
+# So, please adjust it to your own setup if needed.
#iptables -A INPUT -j ACCEPT -s 192.168.1.198 -d 192.168.1.1 -p tcp --dport ssh;
#iptables -A INPUT -j ACCEPT -s 192.168.1.198 -d 192.168.1.1 -p tcp --sport ssh;
#iptables -A INPUT -j ACCEPT -s 192.168.1.1 -d 192.168.1.198 -p tcp --dport ssh;