Hello!
I want to let a computer share the network it's connected to via wifi.
I am trying to use hostapd, and after following the guide at https://wiki.archlinux.org/index.php/So … cess_Point
I have managed to get the access point up, but when I try to connect to it I get "> DHCP IP lease attempt failed".
Most examples mention dnsmasq, and I have it running with this configuration:
#cat /etc/dnsmasq.conf
interface=wlan0
dhcp-range=192.168.0.2,192.168.0.5,255.255.255.0,12h #
#cat /etc/network.d/bridge
INTERFACE="br0"
CONNECTION="bridge"
DESCRIPTION="Example Bridge connection"
BRIDGE_INTERFACES="eth0"
IP="dhcp"
#cat /etc/conf.d/netcfg
NETWORKS=(bridge)
WIRED_INTERFACE="eth0"
WIRELESS_INTERFACE="wlan0"
#cat /etc/hostapd/hostapd.conf
interface=wlan0
bridge=br0
driver=nl80211
logger_syslog=-1
logger_syslog_level=1
logger_stdout=-1
logger_stdout_level=2
dump_file=/tmp/hostapd.dump
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
ssid=test_essid
hw_mode=g
channel=7
beacon_int=100
dtim_period=2
max_num_sta=5
rts_threshold=2347
fragm_threshold=2346
macaddr_acl=0
auth_algs=3
ignore_broadcast_ssid=0
wmm_enabled=1
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0
eapol_key_index_workaround=0
eap_server=0
own_ip_addr=127.0.0.1
wpa=2
wpa_passphrase=XXXXXXXXXXXXX
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
This is the output of ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.144.0.225 netmask 255.255.252.0 broadcast 10.144.3.255
inet6 fe80::20f:53ff:feb0:2c49 prefixlen 64 scopeid 0x20<link>
ether 00:0f:53:b0:2c:49 txqueuelen 0 (Ethernet)
RX packets 263 bytes 29403 (28.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56 bytes 6081 (5.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
ether b8:27:eb:fc:1c:e5 txqueuelen 1000 (Ethernet)
RX packets 8926 bytes 704068 (687.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 658 bytes 139938 (136.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 16436
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 4 bytes 212 (212.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4 bytes 212 (212.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
mon.wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
unspec 00-0F-53-B0-2C-49-3A-30-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 47 bytes 3140 (3.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::20f:53ff:feb0:2c49 prefixlen 64 scopeid 0x20<link>
ether 00:0f:53:b0:2c:49 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 247 bytes 32731 (31.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Note that the network I am connecting to is 10.144. and I can ssh into the machine through this network.
When I connect with a wifi client I want it to get a 10.144. address and be able to interact with the other users
on the network as if it was directly connected to the network. (My main goal is this, but if I can get it working
as a router it's an improvement too)
Thanks for your help!
---EDIT--
I have now tried following this tutorial:
http://sirlagz.net/2012/08/09/how-to-us … er-part-1/
This part works, but when I come to part 2
http://sirlagz.net/2012/08/10/how-to-us … er-part-2/
It has this part that I cannot figure out how to convert to netcfg:
iface br0 inet dhcp
bridge_ports eth0 wlan0
pre-up ifconfig eth0 0.0.0.0 up
pre-up ifconfig wlan0 0.0.0.0 up
pre-up brctl addbr br0
pre-up brctl addif br0 eth0
post-down ifconfig wlan0 0.0.0.0 down
post-down ifconfig eth0 0.0.0.0 down
post-down brctl delif br0 eth0
post-down brctl delbr br0
Last edited by Reccra (2012-09-28 09:32:36)
I gave up trying to use netcfg and friends in the end, personally, because it just didn't seem to make sense or work as you'd expect.
One thing that may be worth changing is your dnsmasq setup, have it listen on br0 and not wlan0, but that's the only thing that stands out.
So now it is working (almost)
#[root@myhost etc]# grep -v -e ^# -e ^$ /etc/conf.d/netcfg
NETWORKS=(bridge)
WIRED_INTERFACE="eth0"
WIRELESS_INTERFACE="wlan0"
#[root@myhost etc]# grep -v -e ^# -e ^$ /etc/network.d/bridge
INTERFACE="br0"
CONNECTION="bridge"
DESCRIPTION="Example Bridge connection"
PRE_UP="ip link set dev eth0 promisc on" #This was important
BRIDGE_INTERFACES="eth0" #If I also had wlan0 here I could not connect to the device
IP="dhcp"
FWD_DELAY=0
#[root@myhost etc]# grep -v -e ^# -e ^$ /etc/sysctl.conf
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.accept_source_route = 1
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.all.accept_source_route = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
vm.min_free_kbytes=8192
The problem that I have now is that if I want to connect to the device itself while using the wifi bridge, it takes a couple of seconds (~10 maybe) for it to respond, and that if I am connected to the ethernet and then swap to go through the wifi, I don't seem to be able to connect to the device anymore.
Please note that I am not using dnsmasq anymore and my hostapd.conf is the same
ps. Will mark this as solved tomorrow to see if I manage to solve these issues first.
Last edited by Reccra (2012-09-25 09:50:58)
AFAICT eth0 is plugged into a router/dhcp server and gets IP 10.144.0.225 on a 10.144.0.0/22 network. Then you want to add eth0 and wlan0 into the bridge (the latter has to be initialized by hostap, which is why you shouldn't have it in netcfg config). Does brctl show them after hostapd has started?
Next, why do you have ip_forward enabled? Have you disabled iptables in the bridge? You don't need to make eth0 promisc since netcfg does it for you:
$ cat /usr/lib/network/connections/bridge
#! /bin/bash

. /usr/lib/network/network

BRCTL="/usr/sbin/brctl"

bridge_up() {
    local bridge_interface
    load_profile "$1"

    if [[ -e "/sys/class/net/$INTERFACE" ]]; then
        if [[ ! -d "/sys/class/net/$INTERFACE/brif" ]]; then
            report_fail "Interface $INTERFACE already exists and is not a bridge."
            exit 1
        fi
    else
        $BRCTL addbr "$INTERFACE"
    fi

    for bridge_client in $BRIDGE_INTERFACES; do
        ip link set "$bridge_client" promisc on up
        ip addr flush dev "$bridge_client"
        $BRCTL addif "$INTERFACE" "$bridge_client"
    done

    # Set options
    [[ "$FWD_DELAY" ]] && $BRCTL setfd "$INTERFACE" "$FWD_DELAY"
    [[ "$MAX_AGE" ]] && $BRCTL setmaxage "$INTERFACE" "$MAX_AGE"

    "$CONN_DIR/ethernet" up "$1"
    return 0
}

bridge_down() {
    local bridge_interface
    load_profile "$1"

    for bridge_client in $BRIDGE_INTERFACES; do
        ip link set "$bridge_client" promisc off down
        $BRCTL delif "$INTERFACE" "$bridge_client"
    done

    "$CONN_DIR/ethernet" down "$1"
    $BRCTL delbr "$INTERFACE"
    return 0
}

bridge_$1 "$2"
exit $?

# vim: set ts=4 et sw=4:
FWIW, here is sysctl.conf from my router:
#
# Kernel sysctl configuration
#
# Disable the magic-sysrq key (console security issues)
kernel.sysrq = 0
# Enable packet forwarding
net.ipv4.ip_forward = 1
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
# Enable source address verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Prevent uptime detection from port scanners
net.ipv4.tcp_timestamps = 1
# Enable source route verification
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Disable redirects
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
# Drop RST for TIME_WAIT sockets
net.ipv4.tcp_rfc1337 = 1
# Log martian packets
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.log_martians = 1
# Optimize VM disk writes
vm.dirty_writeback_centisecs = 1500
vm.swappiness = 15
# EOF
Notice that ip_forward is enabled as appropriate for a router, but you should disable it. And rc.local
$ cat /etc/rc.local
#!/bin/bash
#
# /etc/rc.local: Local multi-user startup script.
#

. /etc/rc.conf
. /etc/rc.d/functions

echo "Entering rc.local"

stat_busy "Setting WiFi powersave"
iw dev wap set power_save on
if [ $? -gt 0 ]; then
    stat_fail
else
    stat_done
fi

stat_busy "Setting CPU and SCSI powersavings"
echo 99 > /sys/devices/system/cpu/cpufreq/ondemand/up_threshold
echo 2 > /sys/devices/system/cpu/sched_mc_power_savings
for h in /sys/class/scsi_host/host?; do
    if [ -f $h/link_power_management_policy ]; then
        echo "min_power" > $h/link_power_management_policy
    fi
done
stat_done

stat_busy "Remount /dev/shm noexec"
mount -o remount,noexec /dev/shm
if [ $? -gt 0 ]; then
    stat_fail
else
    stat_done
fi

stat_busy "Disable traffic filtering in the bridge"
for i in /proc/sys/net/bridge/bridge-nf-*; do
    echo 0 > $i
done
stat_done

# EOF
Finally, I don't really understand your last problem. Can you explain it again please? And also some netstat or /usr/sbin/ss -arpt output...
Last edited by Leonid.I (2012-09-25 18:26:00)
Arch Linux is more than just GNU/Linux -- it's an adventure
pkill -9 systemd
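An added example, not part of any post in this thread: a POSIX shell check that compares a sysctl.conf-style file against values from the router's sysctl.conf quoted above, run here on the settings posted earlier for the bridge host. The function names and the selection of keys are this example's own, and `net.ipv4.ip_forward=0` reflects the advice given for the bridge rather than the router's value.

```shell
#!/bin/sh
# Added example (not from the thread): compare a sysctl.conf-style file with
# values used in the router config quoted above. ip_forward=0 is an assumption
# taken from the advice for the pure bridge case, not from the router file.
EXPECTED="net.ipv4.conf.all.accept_redirects=0 net.ipv4.conf.all.accept_source_route=0"
EXPECTED="$EXPECTED net.ipv4.conf.all.send_redirects=0 net.ipv4.conf.all.rp_filter=1"
EXPECTED="$EXPECTED net.ipv4.tcp_syncookies=1 net.ipv4.ip_forward=0"

# Settings as posted for the bridge host earlier in the thread.
sample_bridge_sysctl() {
cat <<'EOF'
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.accept_source_route = 1
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.all.accept_source_route = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
vm.min_free_kbytes=8192
EOF
}

# audit_sysctl (config on stdin) -> one "WEAK ..." or "UNSET ..." line per finding
audit_sysctl() {
    awk -v expected="$EXPECTED" '
        BEGIN {
            n = split(expected, rows, " ")
            for (i = 1; i <= n; i++) { split(rows[i], kv, "="); order[i] = kv[1]; want[kv[1]] = kv[2] }
        }
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        {
            line = $0; gsub(/[ \t]/, "", line)   # "key = value" -> "key=value"
            eq = index(line, "=")
            if (eq > 0) have[substr(line, 1, eq - 1)] = substr(line, eq + 1)  # last assignment wins
        }
        END {
            for (i = 1; i <= n; i++) {
                k = order[i]
                if (!(k in have)) print "UNSET " k " (want " want[k] ")"
                else if (have[k] != want[k]) print "WEAK " k "=" have[k] " (want " want[k] ")"
            }
        }'
}

sample_bridge_sysctl | audit_sysctl
```

UNSET means the file leaves the key at the kernel default, so the effective value still has to be read with `sysctl <key>` on the host.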
Thanks for your replies, now I have disabled ip forwarding,
the problem with ssh was that it tried to do a dns lookup that failed.
The reason it failed is that it seems like the bridge host (the one with br0) does not seem to be able to connect anywhere except to the client that is connected to it.
I mean:
(10.144.) - (10.144.2.107) - (10.144.0.46)
Net - Bridge - Client,
I can ssh into Bridge from Client, but I can't send anything (ping/connect etc.) from Bridge to Net. Everything works fine from Client to Net though.
[root@Bridge etc]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.144.1.1 0.0.0.0 UG 205 0 0 br0
10.144.0.0 0.0.0.0 255.255.252.0 U 205 0 0 br0
[root@Bridge etc]# ss -arpt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 0 *:ssh *:* users:(("sshd",267,3))
ESTAB 0 0 10.144.2.107:ssh 10.144.0.46:56351 users:(("sshd",271,3))
ESTAB 0 0 10.144.2.107:ssh 10.144.0.46:56395 users:(("sshd",345,3))
LISTEN 0 0 :::ssh :::* users:(("sshd",267,4))
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.144.2.107 netmask 255.255.252.0 broadcast 10.144.3.255
inet6 fe80::ba27:ebff:fefc:1ce5 prefixlen 64 scopeid 0x20<link>
ether 00:0f:53:b0:2c:49 txqueuelen 0 (Ethernet)
RX packets 73020 bytes 6867080 (6.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3130 bytes 800748 (781.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
ether b8:27:eb:fc:1c:e5 txqueuelen 1000 (Ethernet)
RX packets 74579 bytes 9464012 (9.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5060 bytes 818996 (799.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 16436
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 156 bytes 15830 (15.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 156 bytes 15830 (15.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
mon.wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
unspec 00-0F-53-B0-2C-49-3A-30-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 477 bytes 53447 (52.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::20f:53ff:feb0:2c49 prefixlen 64 scopeid 0x20<link>
ether 00:0f:53:b0:2c:49 txqueuelen 1000 (Ethernet)
RX packets 8478 bytes 1086201 (1.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 76359 bytes 12516094 (11.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@Bridge etc]# arp -n
Address HWtype HWaddress Flags Mask Iface
10.144.1.1 (incomplete) br0
10.144.2.162 ether 00:23:5a:28:af:cb C br0
10.144.0.46 ether 00:23:4d:1b:19:b2 C br0
I tried adding the gw manually with arp -s, but this didn't help.
Thanks for your help!
Somehow, Bridge can't connect to the gateway (incomplete mac). But it did negotiate for an IP lease... Can you post the same info on the Client, and also dhcp logs from the Bridge?
Everything is solved!
The issue was that the switch only allowed me to have one mac address per port, so when forwarding packets for the client, the bridge could not make any connections of its own!
Thanks for your help, I added dnsmasq and now it is working as a router.
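The cause described above, as an added example that is not part of the original posts: behind a switch port limited to one MAC address, the bridge's own MAC and every Wi-Fi client's MAC all appear as source addresses on the uplink. The script parses `bridge fdb show br br0` output from iproute2 and lists those addresses; the sample is constructed from MACs posted in the thread, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): list the source MACs an upstream switch
# port will see from a Linux bridge, given `bridge fdb show br br0` output.

# Constructed sample. The MACs are ones posted in the thread; placing
# 00:23:5a:28:af:cb on the wired side is an assumption.
sample_fdb() {
cat <<'EOF'
b8:27:eb:fc:1c:e5 dev eth0 master br0 permanent
00:23:5a:28:af:cb dev eth0 master br0
00:0f:53:b0:2c:49 dev wlan0 master br0 permanent
00:23:4d:1b:19:b2 dev wlan0 master br0
33:33:00:00:00:01 dev eth0 self permanent
EOF
}

# uplink_source_macs BRIDGE_MAC UPLINK_IF   (fdb text on stdin)
# Frames leaving the uplink carry either the bridge's own MAC (traffic the
# host originates) or the MAC of a station learned on another port.
uplink_source_macs() {
    awk -v self="$1" -v uplink="$2" '
        BEGIN { self = tolower(self); print self }
        {
            dev = ""; permanent = 0
            for (i = 2; i <= NF; i++) {
                if ($i == "dev") dev = $(i + 1)
                if ($i == "permanent") permanent = 1
            }
            mac = tolower($1)
            # learned (non-permanent) entries behind a port other than the uplink
            if (dev != "" && dev != uplink && !permanent && mac != self) print mac
        }' | sort -u
}

# exceeds_port_limit BRIDGE_MAC UPLINK_IF LIMIT  (fdb text on stdin)
# Exit status 0 when the switch would see more than LIMIT source MACs.
exceeds_port_limit() {
    count=$(uplink_source_macs "$1" "$2" | wc -l | tr -d ' ')
    [ "$count" -gt "$3" ]
}

sample_fdb | uplink_source_macs 00:0f:53:b0:2c:49 eth0
if sample_fdb | exceeds_port_limit 00:0f:53:b0:2c:49 eth0 1; then
    echo "uplink would exceed a 1-MAC-per-port limit"
fi
```

On a live host the input would come from `bridge fdb show br br0`, with the bridge MAC read from `/sys/class/net/br0/address`.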