Linux stuff: Adding WiFi access point to share 3G modem

The following changes were needed to share a 3G modem's internet connection via my laptop's WiFi acting as Access Point (AP).

Assumptions: That all dependencies are installed and configured (hostapd, dnsmasq,

  1. Disable NetworkManager from managing the WiFi Since laptop is running Ubuntu Trusty Tahr, I had to first disable network manager from managing the WiFi. Use the nm applet to disable WiFi. Note: editing the /etc/network/interfaces achieves this after next reboot.

  2. Edit /etc/network/interfaces

iface wlan0 inet static
        address 192.168.0.1
        netmask 255.255.255.0
        broadcast 192.168.0.255
        post-up sleep 2 ; hostapd -B /etc/hostapd/minimal-wpa.conf ; service dnsmasq restart
        down pkill hostapd ; service dnsmasq restart
  1. Configure hostapd

/etc/hostapd/minimal-wpa.conf

#change wlan0 to your wireless device
interface=wlan0
driver=nl80211

# hostapd event logger configuration
#
# Two output method: syslog and stdout (only usable if not forking to
# background).
#
# Module bitfield (ORed bitfield of modules that will be logged; -1 = all
# modules):
# bit 0 (1) = IEEE 802.11
# bit 1 (2) = IEEE 802.1X
# bit 2 (4) = RADIUS
# bit 3 (8) = WPA
# bit 4 (16) = driver interface
# bit 5 (32) = IAPP
# bit 6 (64) = MLME
#
# Levels (minimum value for logged events):
#  0 = verbose debugging
#  1 = debugging
#  2 = informational messages
#  3 = notification
#  4 = warning
#
logger_syslog=-1
logger_syslog_level=3
logger_stdout=-1
logger_stdout_level=1

ctrl_interface=/var/run/hostapd
ctrl_interface_group=adm
country_code=ZA

ieee80211d=1
hw_mode=g

#ignore_broadcast_ssid=1
ignore_broadcast_ssid=0

ssid=ap_ssid
channel=6

#macaddr_acl=0
macaddr_acl=1
accept_mac_file=/etc/hostapd/hostapd.accept
deny_mac_file=/etc/hostapd/hostapd.deny


##### WPA/IEEE 802.11i configuration ##########################################

# Enable WPA. Setting this variable configures the AP to require WPA (either
# WPA-PSK or WPA-RADIUS/EAP based on other configuration). For WPA-PSK, either
# wpa_psk or wpa_passphrase must be set and wpa_key_mgmt must include WPA-PSK.
# For WPA-RADIUS/EAP, ieee8021x must be set (but without dynamic WEP keys),
# RADIUS authentication server must be configured, and WPA-EAP must be included
# in wpa_key_mgmt.
# This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0)
# and/or WPA2 (full IEEE 802.11i/RSN):
# bit0 = WPA
# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
#wpa=1
wpa=3

# WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit
# secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase
# (8..63 characters) that will be converted to PSK. This conversion uses SSID
# so the PSK changes when ASCII passphrase is used and the SSID is changed.
# wpa_psk (dot11RSNAConfigPSKValue)
# wpa_passphrase (dot11RSNAConfigPSKPassPhrase)
#wpa_psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
wpa_passphrase=secret passphrase
  1. dnsmasq configuration

/etc/dnsmasq.conf

# global

# For debugging purposes, log each DNS query as it passes through
# dnsmasq.
log-queries

# wlan0
interface=wlan0
listen-address=192.168.0.1
dhcp-option=44,192.168.0.1     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=3,192.168.0.1

dhcp-range=net:wlan0,192.168.0.100,192.168.0.219,12h

dhcp-host=AA:BB:CC:DD:EE:FF,andy,192.168.0.212,600m
...etc...

  1. Script to re-enable radio, start AP and enable NAT Assumes 3G modem is on wwan0.
#!/bin/bash
rfkill unblock `rfkill list | gawk '/phy0:/ {print substr($1,0,1)}'`
ifup wlan0
sleep 10
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables --table nat --append POSTROUTING --out-interface wwan0 -j MASQUERADE
iptables --append FORWARD --in-interface wlan0 -j ACCEPT

@ 09:19 PM on August 10 | 0 Comments

Useful *nix command-line stuff

I'm capturing here a few hints and URLs to pages that contain useful *nix (Unix/Linux/etc) commands. Sometimes I forget a command that was once useful, so here I am capturing them for my long-term memory!

Linux Commands - A practical reference

Simple Commands

To do something with files in a directory, easy syntax:

$ for f in *.c; do cmd $f; done

I find this simpler than find *.c -exec cmd {} \;, which has the habit of including the file path (e.g. ./filename in the command).

@ 02:59 PM on January 18 | 0 Comments

Toaster Pop-up fix

No, this is a real toaster (the thing that makes bread slices nice and crispy).

I bought this cheap "SIMPEX" toaster from H&M in Ljubljana. Type 12415 1233 according to the label on the underside.

Anyway, the thing stopped popping (actually, it stopped staying down.. I had to manually hold it down to toast my bread this morning).

So I took it apart to see what was the matter..

Read More »
@ 04:56 PM on August 31 | 0 Comments

Just upgrade admin

I was looking for a way to write to my Chyrp blog from my droid phone.. and it seems that all I needed to do was upgrade my Chyrp admin pages as decsribed in the Chyrp Development blog

@ 03:30 PM on August 31 | 0 Comments

WHCMS does not support "org.za"

I had an issue with WHCMS (the web host management system) not correctly identifying that unused "org.za" domains where actually available.

Whatever "org.za" domain I used, they would all fail with "Domain not available".

The solution is to edit the .../includes/whoisservers.php file and change the "org.za" line to:


.org.za|http://org.za/cgi-bin/rwhois?format=full&domain=|HTTPREQUEST-Domain not found

@ 09:45 PM on July 02 | 0 Comments

Disabling adverts on the Samsung Galaxy Y Pro (B5510)

Have a look at my latest post for some notes on how I edited my Samsung Galaxy Y Pro's "/etc/hosts" file, and blocked Google's adverts!

@ 05:11 PM on March 06 | 0 Comments

Postfix relaying using mail hosts based on "From" address

Have a look at my most recent page setting up postfix to use different mail relays based on the email's "From" address

@ 09:29 PM on March 02 | 0 Comments

Integrating svn with Nautilus

Finally! A plugin that lets you access all your favourite subversion commands that integrates with Nautilus. And that works!

I previously tried RabbitCVS but found that it totally sucked when I navigated into the Isis parent directory - it seemed to immediately recursively investigate all directories.

Anyway, after a serendipitous StackOverflow search, I found PagaVCS.

PagaVCS works really well, and it even has a version that installs on my Ubuntu 10.10 machine.

@ 06:16 PM on February 24 | 0 Comments

Apache Isis version 0.2.0-incubating Released

New Functionality

Have a look at the Release Notes for the full list, but a selected highlight list:

SQL/JDBC Database related

  • Persist and restore polymorphic classes
  • Allow users to override "isis_" table prefix

Other useful stuff

  • JSON viewer (for Restful Objects, up to v0.56).
  • New "onlinedemo" example to demonstrate combined html and json viewers as live example.

Other Improvements

After some internal discussion, we have revamped the Isis home page - hopefully it should now be more apparent what Isis is for, and how you can use it.

@ 01:10 PM on February 23 | 0 Comments

Tip: Hiding webapp port 8080 behind port 80

Use the Apache Webserver (httpd) to hide a webapp running on port 8080 behind port 80 (and even put it behind SSL).

I needed this when I found that a corporate firewall prevented access to my Isis webapp.

@ 06:19 PM on January 11 | 0 Comments

Apache Isis pages

Added Apache Isis Mini-pages, providing detailed content, in a hierarchical structure.

@ 02:51 PM on January 09 | 0 Comments

Apache Isis

I am a contributor to the Apache Isis project.

In particular, I have been working on the Isis SQL ObjectStore, to allow domain information to be saved to any database with JDBC drivers.

These pages will contain hints and techniques that I have picked up.

@ 03:37 PM on December 16 | 0 Comments