diff --git a/pages/RaspberryAP.md b/pages/RaspberryAP.md new file mode 100644 index 0000000..bb43ef5 --- /dev/null +++ b/pages/RaspberryAP.md @@ -0,0 +1,191 @@ +# Raspberry Pi Access Point + +for the Raspberry Pi 3, I used [this page](https://frillip.com/using-your-raspberry-pi-3-as-a-wifi-access-point-with-hostapd/) except for the /etc/network/interface which I did as below. + +Of course, first I had to do [Basic Raspberry Pi Set-up](https://wiki.rg.net/wiki/RaspberryPi). + +So I wanted to see the state of the USB card and driver + +``` +dmesg | grep rtl +[ 6.875478] usbcore: registered new interface driver rtl8192cu +lsusb +Bus 001 Device 002: ID 0424:9512 Standard Microsystems Corp. +Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub +Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp. +Bus 001 Device 004: ID 0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n WLAN Adapter +``` + +Next was installing hostapd and some utilities + +``` +apt-get install hostapd bridge-utils iw iptables-persistent +``` + +I wanted to run a wireless router, so followed, well adapted, the instructions at [http://qcktech.blogspot.com/2012/08/raspberry-pi-as-router.html](http://qcktech.blogspot.com/2012/08/raspberry-pi-as-router.html) and [http://learn.adafruit.com/setting-up-a-raspberry-pi-as-a-wifi-access-point/overview](http://learn.adafruit.com/setting-up-a-raspberry-pi-as-a-wifi-access-point/overview) and [http://secsup.net/index.php/shaded_grey/comments/comcast_consumer_ipv6_configuration_raspberry_pi_as_bridge_base_station/](http://secsup.net/index.php/shaded_grey/comments/comcast_consumer_ipv6_configuration_raspberry_pi_as_bridge_base_station/) + +Edit/create /etc/hostapd/hostapd.conf as follows: + +``` +interface=wlan0 +driver=nl80211 +ssid=rgnet-pi3 +hw_mode=g +channel=6 +macaddr_acl=0 +auth_algs=1 +ignore_broadcast_ssid=0 +wpa=2 +wpa_passphrase=arbitrarykeys +wpa_key_mgmt=WPA-PSK +wpa_pairwise=TKIP +rsn_pairwise=CCMP +``` + +And hack /etc/default/hostapd to the following (and be sure to remove the #ash) + +``` +DAEMON_CONF="/etc/hostapd/hostapd.conf" +``` + +Then configure /etc/network/interfaces + +``` +auto lo + iface lo inet loopback + +auto eth0 + iface eth0 inet dhcp + +auto wlan0 + iface wlan0 inet static + address 100.64.64.1/24 +``` + +Running an access point requires a dhcp server + +``` +apt-get install isc-dhcp-server +``` + +In /etc/dhcp/dhcpd.conf, make it authoritative by uncommenting + +``` +#authoritative; +``` + +and then hack + +``` +default-lease-time 3600; +max-lease-time 7200; +option domain-name "psg.com rg.net rpki.net"; +option domain-name-servers 8.8.8.8, 8.8.4.4; +option ntp-servers 50.135.235.34; + +# No service will be given on this subnet, but declaring it helps the +# DHCP server to understand the network topology. + +subnet 192.168.2.0 netmask 255.255.255.0 { + } + +subnet 100.64.64.0 netmask 255.255.255.0 { + range 100.64.64.10 100.64.64.100; + option broadcast-address 100.64.64.255; + option routers 100.64.64.1; + } +``` + +Network 192.168.2.0 is the ether over which I am working doing the install. + +And then start the dhcpd to test it + +``` +service isc-dhcp-server start +``` + +Get autostart scripts + +``` +ln -s /etc/init.d/networking /etc/rc2.d/S00networking +ln -s /etc/init.d/hostapd /etc/rc2.d/S02hostapd +ln -s /etc/init.d/isc-dhcp-server /etc/rc2.d/S02isc-dhcp-server +``` + +That last may already exist from the apt-get install. + +To allow forwarding, in /etc/sysctl.conf, uncomment + +``` +net.ipv4.ip_forward=1 +``` + +Set up the NAT in iptables + +``` +iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT +iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT +``` + +And the IPTABLE entry for the NAT + +``` +iptables-save | tee /etc/iptables/rules.v4 +``` + +The `iptables-persistent` will see this id loaded on boot. + +It would be wise to test with + +``` +# iptables -t nat -S +-P PREROUTING ACCEPT +-P INPUT ACCEPT +-P OUTPUT ACCEPT +-P POSTROUTING ACCEPT +-A POSTROUTING -o eth0 -j MASQUERADE +# iptables -S +-P INPUT ACCEPT +-P FORWARD ACCEPT +-P OUTPUT ACCEPT +-A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT +-A FORWARD -i wlan0 -o eth0 -j ACCEPT +``` + +Sad news + +``` +# /usr/sbin/hostapd -B -P /var/run/hostapd.pid /etc/hostapd/hostapd.conf +-bash: /usr/sbin/hostapd: No such file or directory +``` + +strangely enough, this worked + +``` +apt remove hostapd +apt install hostapd +[ 3.189542] usb 1-1.2: new high-speed USB device number 4 using dwc_otg +[ 3.321819] usb 1-1.2: New USB device found, idVendor=0bda, idProduct=8176 +[ 3.330893] usb 1-1.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3 +[ 3.339977] usb 1-1.2: Product: 802.11n WLAN Adapter +[ 3.346536] usb 1-1.2: Manufacturer: Realtek +[ 3.352383] usb 1-1.2: SerialNumber: 00e04c000001 +[ 4.800101] udevd[157]: starting version 175 +[ 7.230707] bcm2708-i2s bcm2708-i2s.0: Failed to create debugfs directory +[ 7.499568] usbcore: registered new interface driver rtl8192cu +pi-3:/root# /usr/sbin/hostapd -B -P /var/run/hostapd.pid /etc/hostapd/hostapd.conf +Configuration file: /etc/hostapd/hostapd.conf +Failed to create interface mon.wlan0: -95 (Operation not supported) +wlan0: Could not connect to kernel driver +Using interface wlan0 with hwaddr b8:27:eb:b1:68:9f and ssid "rgnet" +wlan0: interface state UNINITIALIZED->ENABLED +wlan0: AP-ENABLED +``` + +Set hostapd to auto-start, though I am not sure that this is needed + +``` +update-rc.d hostapd enable +``` +