Raspberry Pi GSM Surfstick Setup -------------------------------- Objective: instead of WiFi or wired ethernet, use a surfstick (USB 3G modem) for access to the net. 1. Install parts and pieces: sudo apt-get install -y ppp 2. Create peer configurations, one pair (PPP parameters and chat script) per peers. These go into /etc/ppp/peers: root@rpi0w-005:/etc/ppp/peers# pwd /etc/ppp/peers root@rpi0w-005:/etc/ppp/peers# ls -ls total 20 4 -rw-r--r-- 1 pi pi 215 Dec 24 2017 att 4 -rw-r--r-- 1 pi pi 215 Oct 5 2016 att.chat 4 -rw-r----- 1 root dip 1093 Dec 23 2017 provider 4 -rw-r--r-- 1 pi pi 217 Jan 15 2018 tmo 4 -rw-r--r-- 1 pi pi 218 Jan 15 2018 tmo.chat root@rpi0w-005:/etc/ppp/peers# For AT&T: root@rpi0w-005:/etc/ppp/peers# cat att noauth debug connect "/usr/sbin/chat -v -f /etc/ppp/peers/att.chat" connect-delay 2000 # /dev/ttyU0 /dev/ttyACM0 460800 local defaultroute noipdefault usepeerdns # novj user "WAP@CINGULARGPRS.COM" persist maxfail 0 root@rpi0w-005:/etc/ppp/peers# The script referred to by "connect" needs to exist. Google the correct access point name (APM) for your provider. There might be more than one. Here we go with wap.cingular. File format is either directive-and-value, or response-request: root@rpi0w-005:/etc/ppp/peers# cat att.chat TIMEOUT 3 ECHO ON ABORT BUSY ABORT 'NO CARRIER' ABORT VOICE ABORT 'NO DIALTONE' ABORT 'NO DIAL TONE' ABORT 'NO ANSWER' ABORT DELAYED '' '\rAT' '' ATZ TIMEOUT 6 OK 'AT+CGDCONT=1,"IP","wap.cingular"' OK 'ATDT*99***1#' root@rpi0w-005:/etc/ppp/peers# Same for TMobile: root@rpi0w-005:/etc/ppp/peers# cat tmo noauth debug connect "/usr/sbin/chat -v -f /etc/ppp/peers/tmo.chat" connect-delay 2000 # /dev/ttyU0 /dev/ttyUSB0 460800 local defaultroute noipdefault usepeerdns # novj # user "WAP@CINGULARGPRS.COM" persist maxfail 0 root@rpi0w-005:/etc/ppp/peers# root@rpi0w-005:/etc/ppp/peers# cat tmo.chat TIMEOUT 3 ECHO ON ABORT BUSY ABORT 'NO CARIER' ABORT VOICE ABORT 'NO DIALTONE' ABORT 'NO DIAL TONE' ABORT 'NO ANSWER' ABORT DELAYED '' '\rAT' '' ATZ TIMEOUT 6 OK 'AT+CGDCONT=1,"IP","epc.tmobile.com"' OK 'ATDT*99***1#' root@rpi0w-005:/etc/ppp/peers# If the configuration (not the chat) script specifies a user, the password needs to be provided in /etc/ppp/chap-secrets or /etc/ppp/pap-secrets: root@rpi0w-005:/etc/ppp# cat pap-secrets # # /etc/ppp/pap-secrets # # This is a pap-secrets file to be used with the AUTO_PPP function of # mgetty. mgetty-0.99 is preconfigured to startup pppd with the login option # [... lots of blah omitted ...] # OUTBOUND connections # Here you should add your userid password to connect to your providers via # PAP. The * means that the password is to be used for ANY host you connect # to. Thus you do not have to worry about the foreign machine name. Just # replace password with your password. # If you have different providers with different passwords then you better # remove the following line. # * password # * * CINGULAR1 * att CINGULAR1 root@rpi0w-005:/etc/ppp# If the surf-stick-equipped Pi is supposed to be a NAT-router, then IPTables' configuration needs to be updated. For that add this script to /etc/ppp/if-up.d: root@rpi0w-005:/etc/ppp/ip-up.d# pwd /etc/ppp/ip-up.d root@rpi0w-005:/etc/ppp/ip-up.d# cat 123nat #!/bin/sh set -x set -v iptables-restore /home/pi/IPTables/iptables.ipv4.ppp sysctl net.ipv4.ip_forward=1 root@rpi0w-005:/etc/ppp/ip-up.d# The configuration passed to iptables-restore must exist: root@rpi0w-005:/etc/ppp/ip-up.d# cat /home/pi/IPTables/iptables.ipv4.ppp # Generated by iptables-save v1.4.21 on Wed Nov 22 19:42:25 2017 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [1:120] :POSTROUTING ACCEPT [1:120] -A POSTROUTING -o ppp0 -j MASQUERADE COMMIT # Completed on Wed Nov 22 19:42:25 2017 # Generated by iptables-save v1.4.21 on Wed Nov 22 19:42:25 2017 *filter :INPUT ACCEPT [112:8576] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [91:10408] -A FORWARD -i ppp0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i wlan0 -o ppp0 -j ACCEPT COMMIT # Completed on Wed Nov 22 19:42:25 2017 root@rpi0w-005:/etc/ppp/ip-up.d# In case the link is not permanent, means to revert iptables back to normal must be provided: root@rpi0w-005:/etc/ppp/ip-down.d# cat 123nat #!/bin/sh -e iptables-restore /home/pi/IPTables/iptables.ipv4.takedown sysctl net.ipv4.ip_forward=0 root@rpi0w-005:/etc/ppp/ip-down.d# root@rpi0w-005:/etc/ppp/ip-down.d# cat /home/pi/IPTables/iptables.ipv4.takedown # Generated by iptables-save v1.4.21 on Wed Nov 22 19:55:09 2017 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [4:304] :POSTROUTING ACCEPT [4:304] COMMIT # Completed on Wed Nov 22 19:55:09 2017 # Generated by iptables-save v1.4.21 on Wed Nov 22 19:55:09 2017 *filter :INPUT ACCEPT [129:9978] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [114:11942] COMMIT # Completed on Wed Nov 22 19:55:09 2017 root@rpi0w-005:/etc/ppp/ip-down.d# Chances are that (especially in a mobile configuration) the USB modem is not permanently available. To ease abuse, it might be worthwhile to check on modem presence from within a cron job: pi@rpi0w-005:~ $ crontab -l # Edit this file to introduce tasks to be run by cron. # [... blah ...] # m h dom mon dow command 0,2,4,5,6,8 * * * * /bin/sh /home/pi/bin/cron.tab 10,12,14,16,18 * * * * /bin/sh /home/pi/bin/cron.tab 20,22,24,26,28 * * * * /bin/sh /home/pi/bin/cron.tab 30,32,34,36,38 * * * * /bin/sh /home/pi/bin/cron.tab 40,42,44,46,48 * * * * /bin/sh /home/pi/bin/cron.tab 50,52,54,56,58 * * * * /bin/sh /home/pi/bin/cron.tab pi@rpi0w-005:~ $ pi@rpi0w-005:~ $ cat /home/pi/bin/cron.tab #!/bin/sh if [ -e /dev/ttyACM0 ] then if [ `/bin/ps -ef | /bin/grep "pppd call att" | /bin/grep -v grep | /usr/bin/wc -l` -eq 0 ] then nohup /usr/sbin/pppd call att > /var/tmp/pppd.log 2>&1 & fi else if [ `/bin/ps -ef | /bin/grep "pppd call att" | /bin/grep -v grep | /usr/bin/wc -l` -gt 0 ] then pkill pppd > /dev/null 2>&1 fi fi if [ -e /dev/ttyUSB0 ] then if [ `/bin/ps -ef | /bin/grep "pppd call tmo" | /bin/grep -v grep | /usr/bin/wc -l` -eq 0 ] then nohup /usr/sbin/pppd call tmo > /var/tmp/pppd.log 2>&1 & fi else if [ `/bin/ps -ef | /bin/grep "pppd call tmo" | /bin/grep -v grep | /usr/bin/wc -l` -gt 0 ] then pkill pppd > /dev/null 2>&1 fi fi pi@rpi0w-005:~ $ This script supports two different modems, one (fairly vintage) Nokia N8 phone with an AT&T SIM, the other a TMobile surfstick with a TMobile SIM. They differ in the way the Pi recognizes them: the modem shows up as ttyUSB0, the phone as ttyACM0. On a Zero-W, typically only one is present, and the type of device hints at the provider.