In this tutorial, i'll show you to setup a functional wireless access point (hotspot) on linux. We will host an access point and then configure some DHCP network paramters for settling in the traffic routing and will make some amendments according the needs. This would allow us to create and manage our own networks without special needs to care about.
In Windows, users usually used to accomplish this by running a couple command in command prompt and windows do the rest of this task itself by assigning predefined routing tables and IP ranges. Well, in linux we will have to do it ourself. What exactly we will carry out to accomplish this is host a network, let's for easiness say WiFi, and assign the IP ranges for traffic routing.
Hostapd
hostapd is a user-space daemon-process software to manage, host and implement wireless access points on the fly under the influence of nl80211 driver which still is under development phase and not yet fully supported by many adapters.
Dnsmasq
dnsmasq is a light-weight Dynamic Host Configuration Protocol (DHCP) server with support of dns forwarder, basically designed for small home or office networks. It certainly is fast and easier to modify.
Step 1 Install Packages
Update the environment and install the required packages. The commands will go like:
sudo apt-get update
sudo apt-get install hostapd dnsmasq
This will install the necessary packages or will update them if they are already installed.
Step 2 Wireless Card
Find your wireless adapter interface:
ifconfig
Here, you see the wireless interface is wlan0. Now, put this interface in monitor mode:
ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up
Step 3 Access Point
Create a new folder under your home directory to keep all the necessary files. Let's say the home directory is /root/ and ap be the name of folder to keep the network files. So,
sudo mkdir /root/ap
cd /root/ap
Create a hostapd configuration file and write the following instructions:
nano hostapd.conf
interface=wlan0
driver=nl80211
ssid=[AP Name]
hw_mode=g
channel=[AP Channel]
macaddr_acl=0
ignore_broadcast_ssid=0
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=TKIP
wpa_passphrase=somepassword
Press CTRL+X and then y to save the file. Note these parameters in the above configuration:
- interface: Wireless interface to host access point on.
- ssid: Essid of Network (Name).
- channel: AP channel.
- rsn_pariwise: RSN layer encryption to use.
- wpa_passphrase: Password for Access Point.
Now, just initiate the Access Point:
hostapd hostapd.conf
Step 3 DHCP
We will use dnsmasq for this part. We are required to setup network routing so that traffic could switch between network nodes and a path could be available to send data on. Open a new terminal and create a configuration file for dnsmasq.
nano dnsmasq.conf
interface=wlan0
dhcp-range=192.168.1.2,192.168.1.30,255.255.255.0,12h
dhcp-option=3,192.168.1.1
dhcp-option=6,192.168.1.1
server=8.8.8.8
log-queries
log-dhcp
listen-address=127.0.0.1
Save the file. Note the above parameters:
- interface: Access Point Interface
- dhcp-range: IP range for nodes
- dhcp-option:3: Gateway IP
- dhcp-option:6: DNS
Now, make some amendments in network routing and kick-start dnsmasq:
ifconfig wlan0 up 192.168.1.1 netmask 255.255.255.0
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1
dnsmasq -C dnsmasq.conf -d
Step 4 Traffic Forward
Until yet, we have our serviceable wireless access point available to use. You can try connecting and exploring it. But still, we have to provide internet access. Traffic forwarding in a manner is a procedure to forward traffic from one network end to another network. Hence, to do it, we are required another wireless or wired connection to our machine.
Lets say we have a wired internet connection on eth0 interface. Now, to forward traffic:
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface wlan0 -j ACCEPT
Note these two arguments in the above commands:
- --out-interface: should be the interface from which you are forwarding traffic, i.e. eth0
- --in-interface: Interface of Wireless Access Point for Internet Access, i.e. wlan0
Now, change the IP forward rules to permit the traffic forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
After being done. You are good to take a head-shot of your newly created hotspot network.
Conclusion
We have seen to host a wireless access point on linux. At first, we installed the required packages and then give directives to operate our card in monitor mode which was mandatory. After then, we initiated the access point and defined routing tables for nodes to communicate with each other. And at the end, we forwarded traffic from one network to another.