Converts a Linux server to a wireless access point.

Article Title: convert a Linux server to a wireless access point. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Creating your own wireless access point includes the following steps:

Configure the network in the correct way

Make sure that the wireless Nic is configured in special mode

DHCP service on a wireless network card

Configure Firewall for ip desktop disguise

Except for the names of some configuration files, the steps described in this article are almost compatible with all major Linux systems that have been released.

Network Configuration

To make the server an access point, you need two website configurations. One of them provides Internet access for servers. You can connect directly to the Internet or through a NAT router (this step is not very important ). If you use a server to implement this configuration, the network interface is usually a LAN. You can also use a notebook to replace the server and use any interface to connect to the network.

In addition to network interfaces, wireless interfaces are also required. In this article, we assume that the network interface is identified by eth0 on the server, and the wireless interface is identified by wlan0. To create this configuration, you can use a tool that you think is the most convenient to create a network interface, without manual configuration. As for the wireless interface, you need to manually.

Configure wireless network card

Before converting a configuration to a configuration file, it is a good idea to create a configuration for a wireless network card in the command line. You can use the iwconfig command to complete this task. The first thing before using this command is to set the wireless network card as the communication mode. The following command can complete the setting task:

Iwconfig wlan0 mode Ad-Hoc

The user's wireless network card can be connected only when another computer is set to the communication mode. Next, the user's computer also needs an ESSID, which is the unique identifier that identifies the network. In this example, if the essid supernet has been used, you can use any essid, the premise is that the essid has not been used within the accessible range of the user's computer. The following command sets an ESSID for your computer.

Iwconfig wlan0 essid supernet

In this case, the user's wireless network card should have all the required parameters. You can use the iwconfig command to verify this.

[Root @ sfo ~] # Iwconfig

Wlan0 IEEE 802.11 abgn ESSID: "sandernet"

Mode: ad-hoc Frequency: 2.412 GHz Cell: 96: 1E: 76: FA: FE: A0

Tx-Power = 15 dBm

Retry long limit: 7 RTS thr: off Fragment thr: off

Encryption key: off

Power Management: off

Next, you need to specify the IP address configuration for the wireless network card. You can use the IP address command to complete this task, as shown below:

Ip address add dev wlan0 192.168.100.1 netmask 255.255.255.0

When specifying an IP address, you must make sure that the address is unique and is not in use. You do not need to specify the default gateway and DNS server because the user's computer has obtained the information through the network interface. After the IP address is specified, the user's wireless network card is established, and the wireless access point can be seen from the neighboring computer.

You can connect to it, but you cannot obtain the IP address because the DHCP server is not configured yet.

DHCP server configuration

Next, you need to confirm that your access point can submit IP addresses. To complete this task, you must first install DHCP using yum. Create a configuration file named/etc/dhcp/dhcpd. conf and make it contain the following content:

[Root @ sfo ~] # Cat/etc/dhcp/dhcpd. conf

Option domain-name "supernet. example ";

Option domain-name-servers 192.168.1.1;

Default-lease-time 600;

Max-lease-time 7200;

Authoritative;

Log-facility local7;

Subnet 192.168.100.0 netmask 255.255.255.0 {

Range 192.168.100.10 192.168.100.20;

Option routers 192.168.100.1;

}

After the configuration is complete, you need to start the DHCP server and make sure it can be automatically started after the server is restarted. The following command can help you complete the task:

Service dhcpd start

Chkconfig dhcpd on

Configure Firewall

The last step of configuration is to configure NAT on the server. You can use the powerful internal Linux iptables firewall. If no firewall is attached to the user's server, it is quite easy to complete the NAT configuration, but pay attention to the method used. In Fedora, Red Hat, and CentOS, you can use the system-config-firewall tool in the figure to create firewall rules. However, this tool is easy to use, but it will damage the firewall configuration that has been manually created. Therefore, it is best to directly use this simple Firewall Configuration tool.

Use a command to activate NAT on the user Server:

Iptables-t nat-a postrouting-o eth0-j MASQUERADE

The most important part of this command is the-o eth0 option. This option specifies the name of the network interface that the user uses to connect to the network. Confirm that this option expresses the correct interface name.

If other firewall rules are activated on the user's server, you can use two command lines to ensure the following conditions are true: the wireless network traffic is connected to the network; the firewall allows you to reply to the server about the website traffic. The following command line helps you complete the task:

Iptables-a forward-I eth0-o wlan0-m state? State RELATED, ESTABLISHED-j ACCEPT

Iptables-a forward-I wlan0-o eth0-j ACCEPT

Then, you need to change/etc/sysconfig/iptables-config. If the following three parameter values in iptables-config are "yes", Fedora and its derivatives will reflect their excellent functions: reduce the iptables line entered in the command line:

IPTABLES_MODULES_UNLOAD

IPTABLES_SAVE_ON_STOP

IPTABLES_SAVE_ON_RESTART

Another thing needs to be done. the user's computer needs to propose an IP data packet so that the user's computer can act as a router. To achieve this, you can put the following command line in/etc/sysctl. conf:

Net. ipv4.ip _ forward = 1

Now that the configuration is complete, you can restart your computer to check whether everything is as expected. Then, you can use your own access point.