XMEN BLOGGER: December 2017

Thursday, December 21, 2017

Raspberry Pi - Ubuntu Mate - create-wireless-access-point-hostapd


From:
https://seravo.fi/2014/create-wireless-access-point-hostapd
https://help.ubuntu.com/community/WifiDocs/WirelessAccessPoint
https://help.ubuntu.com/community/WifiDocs/WiFiHowTo
https://askubuntu.com/questions/180733/how-to-setup-an-access-point-mode-wi-fi-hotspot

dashohoxha/install_wifi_access_point.sh
https://gist.github.com/dashohoxha/5767262
http://dashohoxha.blogspot.com.es/2013/06/how-to-setup-wifi-access-point-on-ubuntu.html

dnsmasq bug
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1464990

[GUIDE] Making infrastructure wifi hotspot on ubuntu 12.04/12.10 by ogyct
https://forum.xda-developers.com/showthread.php?t=2009381

https://unix.stackexchange.com/questions/119209/hostapd-will-not-start-via-service-but-will-start-directly
https://unix.stackexchange.com/questions/350333/starting-hostapd-fails-acs-unable-to-collect-survey-data
Ubuntu Forums
https://ubuntuforums.org/showthread.php?t=1488953

https://mail.gnome.org/archives/networkmanager-list/2017-April/msg00003.html
https://askubuntu.com/questions/19320/how-to-enable-or-disable-services
https://dajul.com/2011/01/06/solucion-al-error-insserv-warning-script-x-missing-lsb-tags-and-overrides/
https://askubuntu.com/questions/218/command-to-list-services-that-start-on-startup

rsyslog
https://www.raspberrypi.org/forums/viewtopic.php?t=122601
https://github.com/rsyslog/rsyslog/issues/35

https://ubuntu-mate.community/t/something-is-renaming-my-eth0-and-wlan0-interfaces/2884/7
https://askubuntu.com/questions/775597/how-to-use-onboard-wifi-on-raspberry-pi-3-with-ubuntu-server-16-04
https://askubuntu.com/questions/766131/set-static-ip-ubuntu-16-04
https://ubuntuforums.org/archive/index.php/t-1970451.html

Turn your Raspberry Pi into a wireless access point with Hostapd

Linux hotspotDo you want to make a computer function as a WLAN base station, so that other computers can use as it as their wifi access point? This can easily be done using the open source software Hostapd and compatible wifi hardware.

This is a useful thing to do if computer acting as a firewall or as a server in the local network, and you want to avoid adding new appliances that all require their own space and cables in you already crowded server closet. Hostapd enables you to have full control of your WLAN access point and also enhances security. By using Hostapd the system will be completely in your control, every line of code can be audited and the source of all software can be verified and all software can be updated easily. It is quite common that active network devices like wifi access points are initially fairly secure small appliances with Linux inside, but over time their vendors don’t provide timely security updates and local administrators don’t care to install them via some clumsy firmware upgrade mechanism. With a proper Linux server admins can easily SSH into it and run upgrades using the familiar and trusted upgrade channels that Linux server distributions provide.

The first step in creating wireless base station with Hostapd is to make sure the WLAN hardware supports running in access point mode. Examples are listed in the hostapd documentation. A good place to shop for WLAN cards with excellent Linux drivers is thinkpenguin.com and in their product descriptions the WLAN card supported operation modes are nicely listed.

The next step is to install the software called Hostapd by Jouni Malinen and others. This is a very widely used software and it most likely is available in your Linux distribution by default. Many of the WLAN router appliances available actually are small Linux computers running hostapd inside, so by running hostapd on a proper Linux computer will give you at least all the features available in the WIFI routers, including advanced authentication and logging.

Our example commands are for Ubuntu 14.04. You need to have access to install hostapd and dnsmasq Dnsmasq is a small DNS/DHCP server which we’ll use in this setup. To start simply run:

sudo apt-get install hostapd dnsmasq

After that you need to create and edit the configuration file:

zcat /usr/share/doc/hostapd/examples/hostapd.conf.gz | sudo tee -a /etc/hostapd/hostapd.conf
The configuration file /etc/hostapd/hostapd.conf is filled with configuration examples and documentation in comments. The relevant parts for a simple WPA2 protected 802.11g network with the SSID ‘Example-WLAN‘ and password ‘PASS‘ are:

interface=wlan0
ssid=Example-WLAN
hw_mode=g
wpa=2
wpa_passphrase=PASS
wpa_key_mgmt=WPA-PSK WPA-EAP WPA-PSK-SHA256 WPA-EAP-SHA256

Next you need to edit the network interfaces configuration to force the WLAN card to only run in the access point mode. Assuming that the access point network will use the address space 192.168.8.* the file /etc/network/interfaces should look something like this:

# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback

auto wlan0
iface wlan0 inet static
hostapd /etc/hostapd/hostapd.conf
address 192.168.8.1
netmask 255.255.255.0
Then we need to have a DNS relay and DHCP server on our wlan0 interface so the clients actually get a working Internet connection, and this can be accomplished by configuring dnsmasq. Like hostapd it also has a very verbose configuration file /etc/dnsmasq.conf, but the relevant parts look like this:

interface=lo,wlan0
no-dhcp-interface=lo
dhcp-range=192.168.8.20,192.168.8.254,255.255.255.0,12h

Next we need to make sure that the Linux kernel forwards traffic from our wireless network onto other destination networks. For that you need to edit the file /etc/sysctl.conf and make sure it has lines like this:

net.ipv4.ip_forward=1

We need to activate NAT in the built-in firewall of Linux to make sure the traffic going out uses the external address as its source address and thus can be routed back. It can be done for example by appending the following line to the file /etc/rc.local:

iptables -t nat -A POSTROUTING -s 192.168.8.0/24 ! -d 192.168.8.0/24 -j MASQUERADE

Some WLAN card hardware might have a virtual on/off switch. If you have such hardware you might need to also run rfkill to enable the hardware using a command like rfkill unblock 0.

The same computer also runs Network Manager (as for example Ubuntu does by default) you need to edit it’s settings so that if won’t interfere with the new wifi access point. Make sure file /etc/NetworkManager/NetworkManager.conf looks like this:

[main]
plugins=ifupdown,keyfile,ofono
dns=dnsmasq

[ifupdown]
managed=false
Now all configuration should be done. To be sure all changes take effect, finish by rebooting the computer.

If everything is working, a new WLAN network should be detected by other devices.
On the WLAN-server you’ll see similar output from these commands:

$ iw wlan0 info
Interface wlan0
ifindex 3
type AP
wiphy 0

$ iwconfig
wlan0 IEEE 802.11bgn Mode:Master Tx-Power=20 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Power Management:off

$ ifconfig
wlan0 Link encap:Ethernet HWaddr f4:ec:38:de:c8:d2
inet addr:192.168.8.1 Bcast:192.168.8.255 Mask:255.255.255.0
inet6 addr: fe80::f6ec:38ff:fede:c8d2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5463040 errors:0 dropped:0 overruns:0 frame:0
TX packets:8166528 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:861148382 (861.1 MB) TX bytes:9489973056 (9.4 GB)