I am trying to create a Wi-Fi hotspot to share my current Wi-Fi connection with my phone. I've been able to get DHCP working, the phone connects and is assigned an IP address... but I can't seem to access the internet via the hotspot. I've been at this for a whole day now, so I could really use a sanity check here to figure out where I'm going wrong.
I have a wireless card whose valid interface combinations are as follows (snipped from `iw list`; full output at end):
```
* #{ managed } <= 1, #{ AP, P2P-client, P2P-GO } <= 1,
  total <= 2, #channels <= 1
```
Its interface `wlo1` is managed by NetworkManager.
Here are all the steps I have followed, in order, right after rebooting my system:
Create a virtual interface to serve as AP:
```
sudo iw dev wlo1 interface add wlo1_ap type __ap addr "12:34:56:78:90:ab"
```
Assign a static IP address to it:
```
sudo ip addr add 192.168.0.1/24 dev wlo1_ap
```
Prevent NetworkManager from managing it, by creating `/etc/NetworkManager/conf.d/unmanaged.conf`:
```
[keyfile]
unmanaged-devices=interface-name:wlo1_ap
```
Configure hostapd (`/etc/hostapd/hostapd.conf`):
```
interface=wlo1_ap
driver=nl80211
ssid=test
hw_mode=g
channel=11
ieee80211ax=1
```
Configure dnsmasq (`/etc/dnsmasq.conf`):
```
port=5300
interface=wlo1_ap
bind-interfaces # we need this because libvirt runs its own dnsmasq
dhcp-range=192.168.0.50,192.168.0.150,12h
```
Flush all nftables rules (I would not want to do this in practice, but `libvirt` creates a complicated NAT setup, so I want to bypass that for now - if I can get the hotspot working at all, I can handle those later):
```
sudo nft flush ruleset
```
Also note that I am using `iptables-nft`.
Configure NAT:
```
sudo nft add table inet nat
sudo nft add chain inet nat postrouting '{type nat hook postrouting priority 100 ;}'
sudo nft add rule inet nat postrouting oifname wlo1 masquerade
sudo nft add table inet filter
sudo nft add chain inet filter forward '{ type filter hook forward priority 0; policy drop; }'
sudo nft add rule inet filter forward ct state related,established accept
sudo nft add rule inet filter forward iifname wlo1_ap oifname wlo1 accept
```
Stop the concerned services in case they're running, and start them again:
```
sudo systemctl stop NetworkManager.service dnsmasq.service hostapd.service
sudo systemctl start NetworkManager.service dnsmasq.service hostapd.service
```
...and now try connecting with my phone, which tells me that there is no internet available on the hotspot.
I have also tried disabling ipv6 at the beginning and doing all this again:
```
echo "1" | sudo tee /proc/sys/net/ipv6/conf/all/disable_ipv6
```
Journal output for this boot:
```
sudo journalctl -b 0 -u hostapd -u dnsmasq -u NetworkManager
```
Output of `iw list`:
https://termbin.com/6bps
Output of `iw dev`:
https://termbin.com/uuou
Output of `sudo nft list ruleset` (after these steps):
https://termbin.com/2ubl
Last edited by worshipper (2024-01-16 19:31:41)
The only thing missing for me is the actual IP forwarding.
```
sysctl net.ipv4.ip_forward
```
I didn't configure that explicitly, but it was enabled from the start.
For completeness:
```
sudo sysctl -a | grep forward
net.ipv4.conf.all.bc_forwarding = 0
net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.default.bc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.lo.bc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.virbr0.bc_forwarding = 0
net.ipv4.conf.virbr0.forwarding = 1
net.ipv4.conf.virbr0.mc_forwarding = 0
net.ipv4.conf.virbr1.bc_forwarding = 0
net.ipv4.conf.virbr1.forwarding = 1
net.ipv4.conf.virbr1.mc_forwarding = 0
net.ipv4.conf.virbr2.bc_forwarding = 0
net.ipv4.conf.virbr2.forwarding = 1
net.ipv4.conf.virbr2.mc_forwarding = 0
net.ipv4.conf.vnet0.bc_forwarding = 0
net.ipv4.conf.vnet0.forwarding = 1
net.ipv4.conf.vnet0.mc_forwarding = 0
net.ipv4.conf.vnet1.bc_forwarding = 0
net.ipv4.conf.vnet1.forwarding = 1
net.ipv4.conf.vnet1.mc_forwarding = 0
net.ipv4.conf.vnet2.bc_forwarding = 0
net.ipv4.conf.vnet2.forwarding = 1
net.ipv4.conf.vnet2.mc_forwarding = 0
net.ipv4.conf.wlo1.bc_forwarding = 0
net.ipv4.conf.wlo1.forwarding = 1
net.ipv4.conf.wlo1.mc_forwarding = 0
net.ipv4.conf.wlo1_ap.bc_forwarding = 0
net.ipv4.conf.wlo1_ap.forwarding = 1
net.ipv4.conf.wlo1_ap.mc_forwarding = 0
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0
net.ipv6.conf.all.forwarding = 0
net.ipv6.conf.all.mc_forwarding = 0
net.ipv6.conf.default.forwarding = 0
net.ipv6.conf.default.mc_forwarding = 0
net.ipv6.conf.lo.forwarding = 0
net.ipv6.conf.lo.mc_forwarding = 0
net.ipv6.conf.virbr0.forwarding = 0
net.ipv6.conf.virbr0.mc_forwarding = 0
net.ipv6.conf.virbr1.forwarding = 0
net.ipv6.conf.virbr1.mc_forwarding = 0
net.ipv6.conf.virbr2.forwarding = 0
net.ipv6.conf.virbr2.mc_forwarding = 0
net.ipv6.conf.vnet0.forwarding = 0
net.ipv6.conf.vnet0.mc_forwarding = 0
net.ipv6.conf.vnet1.forwarding = 0
net.ipv6.conf.vnet1.mc_forwarding = 0
net.ipv6.conf.vnet2.forwarding = 0
net.ipv6.conf.vnet2.mc_forwarding = 0
net.ipv6.conf.wlo1.forwarding = 0
net.ipv6.conf.wlo1.mc_forwarding = 0
net.ipv6.conf.wlo1_ap.forwarding = 0
net.ipv6.conf.wlo1_ap.mc_forwarding = 0
```
I somehow missed "libvirt" from your first post - I'm out of my depth.
Hello,
According to `iw dev`, you did not transmit anything on wlo1.
When you have `wlo1_ap` and `wlo1` up and running, can your host (the AP) still connect to the internet?
If so, what is the output of a traceroute from your phone to 8.8.8.8?
And I don't know if this has anything to do with your issue, but:
According to `iw list`, you can have AP and managed at the same time but on only one channel!
But `iw dev` shows that, even though `wlo1` and `wlo1_ap` are on the same channel (11), the width and center are different (which means that, physically, the card has to be set up differently to transmit and receive).
I wonder what happens if your computer (AP) and your phone want to transmit on the channel at the same time... I don't think your physical card can transmit for both interfaces at the same time... It could also create interference, I guess. Keep in mind an AP must always stay up on the same channel, otherwise you might miss packets from station(s).
Last edited by Koatao (2024-01-16 14:29:55)
a Wi-Fi hotspot to share my current Wi-Fi connection with my phone
Afaics it looks like you're trying to https://wiki.archlinux.org/title/Softwa … -Fi_device but neither created a STA device nor does the HW seem capable of supporting such (and reading Koatao's post, he suspects the same)
Do you have a second network device (wifi dongle or rj45)?
Next: is this an https://en.wikipedia.org/wiki/XY_problem ?
Assuming you've a wifi that your arch PC connects to (yeah) but the phone… can't?
Why? MAC filter on the AP? (Spoof it on the phone? Likely requires root access, but might be more achievable?)
I have managed to fix my issue. The error was actually really simple and stupid - the dnsmasq config I posted above uses port 5300, and of course my phone didn't know that. I changed it to 53 and everything worked. Now to figure out how to make it work with libvirt's iptables configuration... but that's a topic for a separate question.
Afaics it looks like you're trying to https://wiki.archlinux.org/title/Softwa … -Fi_device but neither created a STA device nor does the HW seem capable of supporting such (and reading Koatao's post, he suspects the same)
I didn't need a separate _sta interface, I just used the existing one. As for the hardware support, you're right - I can't have two managed-mode interfaces, so I'm using the mostly-undocumented(!) '__ap' mode. I made a note of these things in the wiki, since it was really hard for me to figure out I needed to do this.
I'll mark this as Solved. Thank you seth, Koatao and -thc for your effort.
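The root cause found in this thread can be caught before a phone ever connects. The following is an added example, not code from any of the posts: a static check that flags a dnsmasq config which serves DHCP leases while its DNS listener is not on port 53. The function name `check_dnsmasq_dns` and the verdict strings are made up for illustration, and it assumes a single config file in which the last `port=` line is the effective one.

```shell
#!/bin/sh
# Added example, not from the thread. check_dnsmasq_dns FILE prints one verdict:
#   no-dhcp | external-dns | ok | dns-disabled | dns-on-port-N
check_dnsmasq_dns() {
    awk -v port=53 '
        # Strip comments: "#" counts only at line start or after whitespace,
        # so values such as server=127.0.0.1#5353 are left intact.
        { sub(/^#.*/, ""); sub(/[ \t]+#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        $0 == "" { next }
        { eq  = index($0, "=")
          key = eq ? substr($0, 1, eq - 1) : $0
          val = eq ? substr($0, eq + 1) : "" }
        # Assumption: the last port= line in the file is the effective one.
        key == "port"       { port = val + 0 }
        key == "dhcp-range" { dhcp = 1 }
        # DHCP option 6 (dns-server) given explicitly, with or without tag: prefixes
        key == "dhcp-option" && ("," val) ~ /,(6|option:dns-server),/ { dns_opt = 1 }
        END {
            if (!dhcp)           print "no-dhcp"        # no clients to mislead
            else if (dns_opt)    print "external-dns"   # clients are sent elsewhere
            else if (port == 53) print "ok"
            else if (port == 0)  print "dns-disabled"   # port=0 turns DNS off
            else                 print "dns-on-port-" port
        }' "$1"
}

# The dnsmasq.conf from the first post, reproduced as sample input.
sample=$(mktemp)
cat > "$sample" <<'EOF'
port=5300
interface=wlo1_ap
bind-interfaces # we need this because libvirt runs its own dnsmasq
dhcp-range=192.168.0.50,192.168.0.150,12h
EOF
echo "as posted: $(check_dnsmasq_dns "$sample")"
sed 's/^port=5300$/port=53/' "$sample" > "$sample.fixed"
echo "after fix: $(check_dnsmasq_dns "$sample.fixed")"
rm -f "$sample" "$sample.fixed"
```

A `dns-on-port-N` or `dns-disabled` verdict means DHCP clients have no resolver they can reach on port 53 from this dnsmasq instance, which on a phone shows up as "connected, no internet" even when NAT and forwarding are correct.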