Archive of August 2014

Linux stuff: Adding WiFi access point to share 3G modem

The following changes were needed to share a 3G modem's internet connection via my laptop's WiFi acting as Access Point (AP).

Assumptions: That all dependencies are installed and configured (hostapd, dnsmasq,

  1. Disable NetworkManager from managing the WiFi Since laptop is running Ubuntu Trusty Tahr, I had to first disable network manager from managing the WiFi. Use the nm applet to disable WiFi. Note: editing the /etc/network/interfaces achieves this after next reboot.

  2. Edit /etc/network/interfaces

iface wlan0 inet static
        address 192.168.0.1
        netmask 255.255.255.0
        broadcast 192.168.0.255
        post-up sleep 2 ; hostapd -B /etc/hostapd/minimal-wpa.conf ; service dnsmasq restart
        down pkill hostapd ; service dnsmasq restart
  1. Configure hostapd

/etc/hostapd/minimal-wpa.conf

#change wlan0 to your wireless device
interface=wlan0
driver=nl80211

# hostapd event logger configuration
#
# Two output method: syslog and stdout (only usable if not forking to
# background).
#
# Module bitfield (ORed bitfield of modules that will be logged; -1 = all
# modules):
# bit 0 (1) = IEEE 802.11
# bit 1 (2) = IEEE 802.1X
# bit 2 (4) = RADIUS
# bit 3 (8) = WPA
# bit 4 (16) = driver interface
# bit 5 (32) = IAPP
# bit 6 (64) = MLME
#
# Levels (minimum value for logged events):
#  0 = verbose debugging
#  1 = debugging
#  2 = informational messages
#  3 = notification
#  4 = warning
#
logger_syslog=-1
logger_syslog_level=3
logger_stdout=-1
logger_stdout_level=1

ctrl_interface=/var/run/hostapd
ctrl_interface_group=adm
country_code=ZA

ieee80211d=1
hw_mode=g

#ignore_broadcast_ssid=1
ignore_broadcast_ssid=0

ssid=ap_ssid
channel=6

#macaddr_acl=0
macaddr_acl=1
accept_mac_file=/etc/hostapd/hostapd.accept
deny_mac_file=/etc/hostapd/hostapd.deny


##### WPA/IEEE 802.11i configuration ##########################################

# Enable WPA. Setting this variable configures the AP to require WPA (either
# WPA-PSK or WPA-RADIUS/EAP based on other configuration). For WPA-PSK, either
# wpa_psk or wpa_passphrase must be set and wpa_key_mgmt must include WPA-PSK.
# For WPA-RADIUS/EAP, ieee8021x must be set (but without dynamic WEP keys),
# RADIUS authentication server must be configured, and WPA-EAP must be included
# in wpa_key_mgmt.
# This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0)
# and/or WPA2 (full IEEE 802.11i/RSN):
# bit0 = WPA
# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
#wpa=1
wpa=3

# WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit
# secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase
# (8..63 characters) that will be converted to PSK. This conversion uses SSID
# so the PSK changes when ASCII passphrase is used and the SSID is changed.
# wpa_psk (dot11RSNAConfigPSKValue)
# wpa_passphrase (dot11RSNAConfigPSKPassPhrase)
#wpa_psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
wpa_passphrase=secret passphrase
  1. dnsmasq configuration

/etc/dnsmasq.conf

# global

# For debugging purposes, log each DNS query as it passes through
# dnsmasq.
log-queries

# wlan0
interface=wlan0
listen-address=192.168.0.1
dhcp-option=44,192.168.0.1     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=3,192.168.0.1

dhcp-range=net:wlan0,192.168.0.100,192.168.0.219,12h

dhcp-host=AA:BB:CC:DD:EE:FF,andy,192.168.0.212,600m
...etc...

  1. Script to re-enable radio, start AP and enable NAT Assumes 3G modem is on wwan0.
#!/bin/bash
rfkill unblock `rfkill list | gawk '/phy0:/ {print substr($1,0,1)}'`
ifup wlan0
sleep 10
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables --table nat --append POSTROUTING --out-interface wwan0 -j MASQUERADE
iptables --append FORWARD --in-interface wlan0 -j ACCEPT

@ 09:19 PM on August 10 | 0 Comments