Wednesday, April 9, 2014

WiFi Tethering in Linux / Convert your laptop in to an access point

1. install hostapd and dnsmasq to your system

2. Configure hostapd
Sample configuration given below. Change interface, ssid and wpa_passphrase according to your requirement.
$ cat /etc/hostapd/hostapd.conf
interface=wlan0
driver=nl80211
ssid=
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=3
wpa_passphrase=
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
ap_max_inactivity=2400

3. Create a start/stop script
This script will start, stop, restart  the required services and set the required iptables rules. Please change the IP address and interface name if required. 
$ cat /opt/ap.sh 
#!/bin/bash
function start(){
   echo "Starting hostapd"
   hostapd -B /etc/hostapd/hostapd.conf
   sleep 1
   echo "Setting 10.42.0.1 to wlan0"
   ifconfig wlan0 10.42.0.1 netmask 255.255.255.0
   echo "Starting dnsmasq..."
   dnsmasq --conf-file --no-hosts --keep-in-foreground --bind-interfaces --except-interface=lo --clear-on-reload --strict-order --listen-address=10.42.0.1 --dhcp-range=10.42.0.10,10.42.0.100,60m --dhcp-option=option:router,10.42.0.1 --dhcp-lease-max=50 --pid-file=/var/run/nm-dnsmasq-wlan0.pid&
   iptables -A FORWARD -d 10.42.0.0/24 -o wlan0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
   iptables -A FORWARD -s 10.42.0.0/24 -i wlan0 -j ACCEPT
   iptables -A FORWARD -i wlan0 -o wlan0 -j ACCEPT
   iptables -t nat -A POSTROUTING -s 10.42.0.0/24 ! -d 10.42.0.0/24 -j MASQUERADE
   echo 1 > /proc/sys/net/ipv4/ip_forward
}

function stop(){
   echo "Stopping hostapd..."
   pkill hostapd
   echo "Turn down wlan0..."
   ifconfig wlan0 down
   echo "stoping dnsmasq..."
   pkill -f dnsmasq.*10.42.0.1*
   iptables -D FORWARD -d 10.42.0.0/24 -o wlan0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
   iptables -D FORWARD -s 10.42.0.0/24 -i wlan0 -j ACCEPT
   iptables -D FORWARD -i wlan0 -o wlan0 -j ACCEPT
   iptables -t nat -D POSTROUTING -s 10.42.0.0/24 ! -d 10.42.0.0/24 -j MASQUERADE
   echo 0 > /proc/sys/net/ipv4/ip_forward
}

function status(){
   if [[ $(pgrep -f dnsmasq.*10.42.0.1*) != '' ]]
   then
      echo "dnsmasq running..."
   else
      echo "dnsmasq not running..."
   fi
   if [[ $(pgrep hostapd) != '' ]]
   then
      echo "hostapd running..."
   else
      echo "hostapd not running..."
   fi

   echo "ip_forward is set to:"$( cat /proc/sys/net/ipv4/ip_forward)
   echo "Related iptable rules:"
   sudo iptables -nL -t nat | grep 10.42;
   sudo iptables -nL | grep 10.42
}

case "$1" in
   start)
      if [[ $(pgrep -f dnsmasq.*10.42.0.1*) == '' &&  $(pgrep hostapd) == '' ]] 
      then
         start
      else
         status
      fi
      ;;
   stop)
      stop
      ;;
   restart)
      stop
      start
      ;;
   status)
      status
      ;;
   *)
      echo "Usage: $0" \
         "{start|stop|status}"
      exit 1
      ;;
esac

4. That's all. Now you can start, stop and check the status of the access point using this script.
/opt/ap.sh start
/opt/ap.sh stop
/opt/ap.sh restart
/opt/ap.sh status


No comments:

Post a Comment