linux soft AP-hostapd + dhcpd
May 08, 2018 ? Comprehensive ? 4908 words in total ? Font size Small Medium Large ? Comments are closed
With the increase in wireless devices such as mobile phones and laptops, the company’s three home wireless routers have been overwhelmed, and some people always say they can’t connect. Who asked us to be the operation and maintenance? In the eyes of many people, operation and maintenance = network management (deeply aggrieved). If there is no other way, we can take on the position of enterprise network management. There are two solutions proposed to BOSS: 1. Purchase enterprise wireless routers
, the price ranges from several hundred to several thousand, the performance ranges from supporting 30 devices to more than 100 devices, the maximum speed ranges from 150M to 1300M, etc. There are also many grades, and there are some other parameters and functions that are not stated one by one; 2. . Purchase a wireless network card and use it with linux hostapd + dhcpd or dnsmasq. The functions can be freely expanded according to needs. The cost of a wireless network card is less than 100 yuan, and it is a retired old computer (and it can also be used as a gateway, ftp, etc.).
1. Network card selection
Unlike Windows, most network cards support soft AP. Network cards under Linux need to support mode master before they can be used as soft AP. The specific identification method is as follows
1. iwconfig identification
[root@localhost ~]$ sudo iwconfig wlan0 mode master Password: Error for wireless request "Set Mode" (8B06): SET failed on device wlan0; Invalid argument.
2.iw identification
The above operation failed, proving that it is not supported. After further verification, some new network cards use the mac80211 framework. For these network cards, it will not work to use iwconfig to test whether they support master mode.
Because they communicate in user space using the new nl80211 interface. Then use the iw command to test:
[root@localhost ~]$ sudo iw list ........slightly........................ Supported interface modes: *IBSS *managed *AP * AP/VLAN
If there is “AP” in “Supported interface modes”, then congratulations, your wireless network card can set up a virtual AP. If not, it is not supported.
3. Driver identification
[root@localhost ~]$ sudo ethtool -i wlan0 driver: iwlagn version: 3.0-ARCH firmware-version: 8.83.5.1 build 33692 bus-info: 0000:03:00.0 supports-statistics: no supports-test: no supports-eeprom-access: no supports-register-dump: no
For example, the driver used in the above example is iwlagn. If the AP item is yes in the driver list supported by AP mode at http://wireless.kernel.org/en/users/Drivers, iwlagn is not found.
, proving that it is not supported.
That being the case, how to choose a network card that is definitely supported before purchasing a network card? wireless.kernel.org also provides us with a method through http://wireless.kernel.org/en/users/Devices hardware list
(This page is distinguished by PCI, USB, and PCMcia interface types. Click on the corresponding type to view the specific hardware). Of course, the list in this table is not complete, and it does not guarantee that it is the most suitable hardware for soft AP. Please refer to the three methods above to see if they are compatible.
2. hostapd + dnsmasq configuration
After selecting the network card, the next step is to configure the software under Linux. Take linux mint as an example (based on ubuntu, the following examples are also applicable to ubuntu)
1. Install software
[root@localhost ~]$ sudo apt-get install hostapd dnsmasq
Dnsmasq is a small and convenient tool for configuring DNS and DHCP, suitable for small networks. If there are many machines in the network environment, it is recommended to use dhcpd instead.
2. hostapd configuration
[root@localhost ~]$ sudo vim /etc/hostapd/hostapd.conf interface=wlan0 driver=nl80211 ssid=My_wifi channel=6 hw_mode=g ignore_broadcast_ssid=0 auth_algs=1 wpa=3 wpa_passphrase=11111111 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP
The above is an example configuration, which configures a soft AP with the AP name My_wifi and a wpa encryption method with a password of 8 1s. After the configuration is completed, you can check the file configuration through hostadp /etc/hostapd/hostapd.conf. If the configuration file is normal, you can use /etc/init.d/hostapd
Start starts. Before starting, please confirm whether the following line has been added. If the value of this line is empty, please modify it as follows.
# sudo vim /etc/init.d/hostapd Change the value of DAEMON_CONF in the file to the following: DAEMON_CONF=/etc/hostapd/hostapd.conf
3. dnsmasq configuration
#sudo vim /etc/dnsmasq.conf interface=wlan0 listen-address=192.168.100.1 #no-dhcp-interface= dhcp-range=192.168.100.50,192.168.100.150,12h server=/google/8.8.8.8
The interface that dnsmasq monitors is configured above, the IP of the interface, the range of dhcp addresses, the lease length, dns, etc. If you want to use dhcpd, you can omit the configuration of dhcpd.conf here. 3. Configure the wireless access point IP
sudo ifconfig wlan0 192.168.100.1 netmask 255.255.255.0 up
4. Enable routing and forwarding of the host
echo 1 >/proc/sys/net/ipv4/ip_forward
The above configuration takes effect immediately, but will become invalid after restarting the system. The way to make it effective after restarting is to modify the /etc/sysct.conf file and add the following line to it:
#sudo vim /etc/sysctl.conf net.ipv4.ip_forward=1 #sysctl -p takes effect
5. Shared Internet access
There are two ways to share the Internet through LAN eth0: one is bridge mode and the other is nat mode. Here we take nat mode as an example:
iptables -A FORWARD -i wlan0 -o eth0 -s 192.168.100.0/24 -m state --state NEW -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
After configuring the above steps, you can complete the wireless AP access to the Internet.
3. wifi-hostapd-ap tool
The above steps can also be performed by configuring a graphical tool, which is wifi-hostapd-ap. This tool was developed by Russians and its graphical interface relies on qt. The installation method of this tool is as follows (still taking my laptop’s system linux mint as an example):
# sudo apt-add-repository ppa:ekozincew/ppa # sudo apt-get update & amp; & amp; sudo apt-get install wifi-hostapd-ap
Other Linux versions can be downloaded and installed through https://code.google.com/p/wifi-hostapd-ap/downloads/list.
However, the tool defaults to a Russian interface, with built-in English, which can be modified through the following methods. As shown below:
Select English, click the middle button to save, exit wifi_hostapd_ap after saving, and then restart.
As shown in the picture below, it has been changed to English. The editor part is about templates. If you are interested, you can try it.
Hostapd.conf configuration related parts
The following is the configuration of the dnsmasq.conf section
After completion, click active to activate all configurations. After the client is connected, you can view the currently connected clients on the list of clients.
This part refers to Taiwan Yahoo blog grid
4. Others
1. Regarding the network card that cannot use soft AP mode
For example, the common RTL8187 card king can be used as a soft AP easily under Windows, but it is not supported under hostapd. Personally, I don’t think it’s because the network card hardware doesn’t support it, but because the driver doesn’t support it. If you want to solve the problem that some things that are supported under Windows are also supported under Linux, you can solve it by modifying the driver. Of course, this requires a high level of thinking – personal opinion, I don’t know if it is correct.
2. Check whether the network card supports soft AP under freebsd
Due to the mobile nature of freebsd itself, many soft gateways and soft APs will choose to make changes based on freebsd, such as the famous pfsense. Let’s take the King of Cards as an example here, because we have such a card on hand. At that time, I thought it would not work under Linux, but maybe it would be supported under FreeBSD. How to check whether the wireless network card under freebsd supports AP mode?
[root at thor ~]# ifconfig ndis0 ndis0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 2290 ether 00:25:d3:93:50:c8 media: IEEE 802.11 Wireless Ethernet autoselect (autoselect) status: no carrier [root at thor ~]# ifconfig ndis0 list caps ifconfig: unable to get device capabilities: Invalid argument [root at thor ~]# ifconfig wlan0 create wlandev ndis0 [root at thor ~]# ifconfig wlan0 wlan0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 ether 00:25:d3:93:50:c8 media: IEEE 802.11 Wireless Ethernet autoselect (autoselect) status: no carrier ssid "" channel 1 (2412 Mhz 11b) country US authmode OPEN privacy OFF txpower 0 bmiss 7 scanvalid 60 bintval 0 [root at thor ~]# ifconfig wlan0 list caps drivercaps=1802303<STA,803ENCAP,IBSS,PMGT,TXPMGT,WPA1,WPA2> cryptocaps=b<WEP,TKIP,AES_CCM>
As shown in the above operation, use the ifconfig wlan0 list caps command to check whether there is an AP item in the output result. If not, it is not supported. So the final result is that Card King is not supported under freebsd.
For freebsd soft AP related settings, please refer to the following pages
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-wireless.html
http://www.freebsdwiki.net/index.php/AccessPoint#Useful_Association_Commands
3. When the client uses HOSTAPD wireless AP, the network speed is unstable
When the client uses the HOSTAPD wireless AP, the network speed is unstable, resulting in the inability to open the web page at certain times or other network inaccessibility problems caused by network timeout.
This problem is mainly caused by the excessive delay in wireless network data transmission caused by the small number of random seeds in wireless data transmission verification. Users can view the specific value through the command cat /proc/sys/kernel/random/entropy_avail. The value is generally less than 1000. Users need to install the random number generator (haveged) by executing the sudo apt-get install haveged command in the terminal, and use the /etc/init.d/haveged start command to start the random number generator (haveged) to improve entropy_avail value. In this way, the wireless network delay will return to normal. The network no longer has the problems described above.