Debian/ubuntu Linux: Using HOSTAPD to build wireless access points (WAP)

Nixcraft published on August 25, 2012, updated on July 9, 2014, applicable to Debian/ubuntu, network, UBUNTU LINUX, wireless network.

We have an idle USB wireless adapter (WiFi adapter), and our ISP router is wired. How do we turn our home NAS server into a wireless access point (WAP) and access it using a wireless device in a Debian or Ubuntu system without buying an additional WPA box?

You need to use HOSTAPD as the access point and authentication server. It implements IEEE 802.11 access point Management, IEEE802.1X/WPA/WPA2/EAP authorization, RADIUS client, EAP server, and RADIUS authorization server. The latest version supports Linux:

1. Host AP

2, Madwifi

3, mac80211-based

You can use a USB or Pci/mini-pci interface nic. Please note that not all network card LIVE drivers support AP mode.

Case Installation

1, Wlan0-Wireless PCI or USB device connected to Linux, can use a/b/g and WPA2 in AP mode.

2, eth0-wired network card, port connected to a router or switch, with Internet access.

Case Network

Internet \ |\ +------------+ rj-11/adsl-line \-----+ ISP Router |             +--------+ +------------+ RJ-45 (eth0)-------+ switches |             192.168.1.2 +--------+ DNS/DHCPD |                                               Service + +----> Laptop Wireless Firewall |      +----> Home NAS Server Wireless card wlan0 and eth0 wired network card |                                               Configure 192.168.1.11 static IP +----> Desktop wired                                               |                                               +----> HP Printer Cable |                                               +----> Andriod flat-screen Wireless | +----> Andriod mobile phone wireless, etc.

Step 1: Install HOSTAPD

Input command: # apt-get Install HOSTAPD

Output Example:

reading package lists ... Donebuilding dependency treereading state information ... Donethe following NEW packages'll be installed:hostapd0 upgraded, 1 newly installed, 0 to remove and UPGRADED.N Eed to get 346 kB of archives. After this operation, 877 KB of additional disk space would be used. Get:1 http://debian.osuosl.org/debian/squeeze/main HOSTAPD amd64 1:0.6.10-2 [346 kb]fetched 346 kB in 2s (151 kb/s) Select ING previously deselected package HOSTAPD. (Reading database ... 267669 files and directories currently installed.) Unpacking HOSTAPD (from .../hostapd_1%3a0.6.10-2_amd64.deb) ... Processing triggers for man-db ... Setting up HOSTAPD (1:0.6.10-2) ... 

Step 2: Configure HOSTADP

Edit /ETC/DEFAULT/HOSTAPD, type:

# VI/ETC/DEFAULT/HOSTAPD

Remove the comment before daemon_conf and set its value to the absolute path of the HOSTAPD configuration file, so that HOSTAPD will start with the system:

daemon_conf= "/etc/default/hostapd.conf"

Save, close the file. Then create a text file:/etc/hostapd/hostapd.conf, type:

Set interface Name:

# # # Wireless Network Name # # #Interface=wlan0 # # # Set your bridge name # # #Bridge=br0

Set the driver name

driver=nl80211

Set the country name code, in accordance with ISO/IEC 3166-1 format. This is used to set the admin domain. Set as needed to indicate which country the device is operating in. This will limit the available channels and transmit power.

(=) # # #country_code= in

To set your SSID:

SSID=Nixcraft

Set operating mode (A=ieee 802.11a, B = IEEE 802.11b, G = IEEE 802.11g):

Hw_mode=g

Set the channel (some drivers use only the value 0):

Channel=6

Set WPA mode to 2:

WPA=2

Set your passphrase (WiFi connection password):

wpa_passphrase=Mywifipassword

Set key and authentication management options for WPA2

# # Key Management Algorithm # #Wpa_key_mgmt=WPA-PSK# # Set Cipher Suites(Encryption algorithms)####TKIP=temporal Key Integrity Protocol##CCMP=AES in Counter mode with Cbc-macwpa_pairwise=TKIPrsn_pairwise=CCMP# # Shared key Authentication # #Auth_algs=1# # Accept All Mac Access # # #Macaddr_acl=0

Save and close the file.

How do I start/stop/Restart the AP?

Use the following command:

#/etc/init.d/hostapd start
#/etc/init.d/hostapd stop
#/etc/init.d/hostapd restart

Step 3: Configure/etc/network/interfaces

You can make the Wlan0 work in standalone mode, or you can bridge it to eth0. Bridging mode allows your wireless clients to access other LANs, and you can connect to the Internet. Most users bridge the wireless interface to an interface on which the AP has a internnet connection.

Set Br0 (wlan0+eth0) for bridging mode

The Bridge-utils package needs to be installed to configure the Linux network mezzanine Bridge Connection:

# Apt-get Install Bridge-utils

Output:

Reading Package Lists ... Donebuilding dependency treereading state information ... Donethe following NEW packages'll be INSTALLED:BRIDGE-UTILS0 upgraded, 1 newly installed, 0 to remove and Upgra Ded. Need to get 32.7 kB of archives. After this operation, 176 KB of additional disk space would be used. Get:1 http://debian.osuosl.org/debian/squeeze/main bridge-utils amd64 1.4-5 [32.7 kb]fetched 32.7 kB in 1s (25.5 kb/s) Sel Ecting previously deselected package bridge-utils. (Reading database ... 267692 files and directories currently installed.) Unpacking Bridge-utils (from .../bridge-utils_1.4-5_amd64.deb) ... Processing triggers for man-db ... Setting up Bridge-utils (1.4-5) ...

Edit /etc/network/interfaces, enter:

# vi/etc/network/interfaces

Modify, or set its configuration as follows:

Auto Lo br0iface lo inet loopback # wireless Wlan0allow-hotplug wlan0iface wlan0 inet Manual # eth0 connected to the ISP R Outerallow-hotplug eth0iface eth1 inet Manual # Setup bridgeiface br0 inet static bridge_ports wlan0 eth0 Address192.168. 1. OneNetmask255.255. 255. 0Network192.168. 1. 0# # ISP Router IP,192.168. 1. 2Also runs DHCPD # # Gateway192.168. 1. 2Dns-nameservers192.168. 1. 2

Save and close the file. Here, I recommend restarting your computer, or restarting all services as follows (using a remote SSH session may not work):

#/etc/init.d/networking Restart
#/ETC/INIT.D/HOSTAPD Restart

Or:

# reboot

About DHCPD's attention

Since you let WAP run in bridged (br0) mode, DHCPD on WAP is not required. It can use DHCPD servers anywhere in the LAN. In this example 192.168.1.2 is an ISP router that provides the DHCPD service. If you are not using a DHCPD server, refer to the following installation:

• Ubuntu/debian Linux:setup an ISC DHCP Server for Your Network

Notice about the Firewall

You can install a firewall to defend against attacks. See here: Install Shorewall on Debian or Ubuntu Linux.

How to deal with WAP problem?

The log information for WPA is in the/var/log/syslog file:

# tail-f/var/log/syslog

Check if the DHCPD relay is working:

# Tcddump-n Port 67 or ORT 68

Make sure the firewall does not block the required ports:

#/sbin/iptables-l-n-v | Less

Make sure that the MAC address of the BR0 is correct, and that it is already running:

# ifconfig Br0
# Ifconfig | grep HW
# Brctl Show
# brctl Showmacs bro

Use these commands to view wireless network speed, signal strength, and other information.

Finally, make sure you are using the latest version of the following software:

• Linux kernel
• Wireless Card Drivers and firmware
• Hostapd

Reference:

• HOSTAPD documentation from the Linux kernel wireless wiki.
• Download latest version of HOSTAPD from the official web-site or read documentation here or run the commandvi /usr/share/doc/hostapd/examples/hostapd.conf.gz
• Man PAGES-HOSTAPD, Brctl command, and interfaces

Original

Debian/ubuntu Linux: Using HOSTAPD to build wireless access points (WAP)