You are not logged in.
OBLiQUE wrote:The only workaround for NetworkManager is to put your wifi interface in the 'unmanaged-devices' of NetworkManager.
To do this you have to edit the /etc/NetworkManager/NetworkManager.conf and put the following (without the <>):I used to create an AP alongside NetworkManager without those changes. To stop nm from using the wlan device, I executed "nmcli nm wifi off", then "rfkill unblock wlan". When I was done "nmcli nm wifi on" and NetworkManager takes over again.
I am running UFW and it works with my custom script. This is my iptables setup
iptables -t nat -A POSTROUTING -o $eth -j MASQUERADE iptables -A FORWARD -i $wlan -s $_subnet -j ACCEPT iptables -A FORWARD -i $eth -d $_subnet -j ACCEPT echo 1 > /proc/sys/net/ipv4/ip_forward
Thanks for the infos. I don't want to use 'nmcli nm wifi off' because maybe someone has two wifi interfaces, the first for the internet and the second for internet sharing. The 'nmcli nm wifi off' will disable both of them.
About the UFW, I will update my script when I have time to do some tests. Maybe fantab can confirm your workarround.
Offline
Not a major point but add deps to README, great work thanks for sharing
Mr Green
Offline
Added. I will also add some troubleshooting later.
Offline
I confirm that it is UFW that obstructs the script functionality.
I had 'disabled ufw' and the Script connects just fine.
I gave progandy's workaround a go but that didn't help me.
Meanwhile I also tried workaround for UFW: as suggested here.
Even in Ubuntu "AP" scripts don't work with UFW enabled.
My understanding of iptables and networking in general, is at best, poor. I am also not sure if I did everything right in implementing progandy's workaround or customized it correctly to suit my case.
EDIT: When the connection is unsuccessful my Android fails to obtain IP address.
Last edited by fantab (2013-09-28 17:55:39)
"Evolution is the nature's way of issuing upgrades".
__________________________________________________________
Arch_x64-Gnome-Shell ~ Arch-lts_x64-Xfce ~ LMDE_x64-Cinnamon
Offline
I am able to connect just fine , first time.But when I remove adapter and reconnect it and try to run script it gives following error.
I tried to restarting dnsmasq , uncommented bind_interfaces in dnsmasq.conf but no avail.
dnsmasq: failed to create listening socket for 192.168.12.1: Address already in use
Offline
Can I use create_ap to set up a bridge? wlan0 -> br0
Mr Green
Offline
EDIT: Solved by hdd failure and clean Arch installation. Now it works perfect. Please, delete this post.
Hello,
I tried this script and it worked as said. But after restart I cannot connect/search/recreate AP. I have no idea wh I'm getting these outputs:
$ sudo iwlist wlan0 scan
wlan0 No scan results
$ sudo iwconfig wlan0
wlan0 IEEE 802.11bg Mode:Master Tx-Power=20 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Power Management:on
$ sudo iwconfig wlan0 mode managed
Error for wireless request "Set Mode" (8B06) :
SET failed on device wlan0 ; Device or resource busy.
$ sudo ifconfig -a
br0: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether c4:17:fe:a3:7f:6c txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp9s0: ...
lo: ...
wlan0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether c4:17:fe:a3:7f:6c txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5 bytes 508 (508.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
I have no idea where to look/what to debug. Normally I'm using wicd.
Aaand, the script wasn't exiting so I had to kill it.
Can you help me how to fix it?
Thanks in advance and sorry for bad english.
Last edited by Seanter (2013-10-06 09:45:15)
Offline
I'm having problem with this... I am using NetworkManager, and I did put wifi as umanaged device of NetowrkManager, then ran the script, it created a AP network with my SSID and I was able to connect to it with my HTC One and surf the net. But only for like 3-4 minutes, after that I lost connection to the internet on my PC. My phone is still connected to the AP network, but it can't reach the internet, same as PC. Interesting NetworkManager still says that I'm connected to my wired network. After disabling networking in nm-applet (kde version) and enabling it, i get the internet connection but again for like 5 minutes or less. I have no idea why is this happening... Anyone else having similar problems ?
Offline
This may be dumb, but is it possible to "interface to create AP and interface that has internet access" to be the same ... i.e can I do something like :
./create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase ??
because my wireless needs to be signed in via hotspot so I jut want to login through one device and share my internet from that device to all other ?
Offline
Grreat script OBLiQUE, it really makes things easier.
It ran for me the first time I tried, with and without encryption
I made a little addition to your script to add support for bridged-mode, that is an AP that bridges the network instead of NAT'ing and DHCP'ing.
It should work exactly the same way as before, only now you can add "-m bridge" to enable bridged mode (default is still NAT'ing).
If you want to, please integrate it into you code in github, so others can benefit from it too...
Diff:
# diff create_ap create_ap.orig
11,12d10
< # brctl
< # dhclient
25,26d22
< echo " -m <method> Method for Internet sharing."
< echo " Use 'nat' for NAT, 'bridge' for bridging (default: nat)"
35,36c31
< #ip link show "$1" | sed -n 's/.*ether \([0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]\) .*/\1/p'
< ip link show "$1" | grep ether | grep -Eo '([0-9a-f]{2}:){5}[0-9a-f]{2}\s'
---
> ip link show "$1" | sed -n 's/.*ether \([0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]\) .*/\1/p'
39,56c34
< get_avail_bridge() {
< i=0
< for i in `seq 0 1 100`; do
< curr_bridge=$(brctl show | grep "br$i" | cut -s -f1)
< if [[ -z $curr_bridge ]]; then
< break
< fi
<
< if [[ $i -gt 99 ]]; then
< echo "ERROR: No availabe bridges < br100"
< exit 1
< fi
< done
<
< echo "br$i"
< }
<
< ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden" -n $(basename $0) -- "$@")
---
> ARGS=$(getopt -o hc:w:g:dn -l "help","hidden" -n $(basename $0) -- "$@")
60a39
> GATEWAY=192.168.12.1
65,66d43
< SHARE_INTERNET_METHOD=nat
< NAT_GATEWAY=192.168.12.1
95c72
< NAT_GATEWAY="$1"
---
> GATEWAY="$1"
107,113d83
< -m)
< shift
< if [[ -n "$1" ]]; then
< SHARE_INTERNET_METHOD="$1"
< shift
< fi
< ;;
126,130d95
< if [[ "$SHARE_INTERNET_METHOD" != "nat" && "$SHARE_INTERNET_METHOD" != "bridge" ]]; then
< echo "Wrong Internet sharing method"
< usage
< exit 1
< fi
134d98
< BRIDGE_IFACE=$(get_avail_bridge)
179,182d142
< if [[ $SHARE_INTERNET -eq 1 && "$SHARE_INTERNET_METHOD" = "bridge" ]]; then
< echo "bridge=$BRIDGE_IFACE" >> $CONFDIR/hostapd.conf
< fi
<
187,188c147,148
< dhcp-range=${NAT_GATEWAY%.*}.1,${NAT_GATEWAY%.*}.254,255.255.255.0,24h
< dhcp-option=option:router,${NAT_GATEWAY}
---
> dhcp-range=${GATEWAY%.*}.1,${GATEWAY%.*}.254,255.255.255.0,24h
> dhcp-option=option:router,${GATEWAY}
197c157
< ip addr add ${NAT_GATEWAY}/24 dev ${WIFI_IFACE}
---
> ip addr add ${GATEWAY}/24 dev ${WIFI_IFACE}
199c159
< # enable Internet sharing
---
> # enable NATed Internet sharing
201,211c161,164
< echo "Sharing Internet using method: $SHARE_INTERNET_METHOD"
< if [[ "$SHARE_INTERNET_METHOD" = "nat" ]]; then
< iptables -t nat -A POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE
< iptables -A FORWARD -i ${WIFI_IFACE} -j ACCEPT
< OLD_IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward)
< echo 1 > /proc/sys/net/ipv4/ip_forward
< elif [[ "$SHARE_INTERNET_METHOD" = "bridge" ]]; then
< brctl addbr $BRIDGE_IFACE
< brctl addif $BRIDGE_IFACE $INTERNET_IFACE
< dhclient $BRIDGE_IFACE
< fi
---
> iptables -t nat -A POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE
> iptables -A FORWARD -i ${WIFI_IFACE} -j ACCEPT
> OLD_IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward)
> echo 1 > /proc/sys/net/ipv4/ip_forward
222,224c175
< if [[ $SHARE_INTERNET -eq 1 && "$SHARE_INTERNET_METHOD" = "nat" ]]; then
< dnsmasq -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid
< fi
---
> dnsmasq -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid
240,241d190
< echo "Doing cleanup..."
<
248,255c197,199
< if [[ "$SHARE_INTERNET_METHOD" = "nat" ]]; then
< iptables -t nat -D POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE
< iptables -D FORWARD -i ${WIFI_IFACE} -j ACCEPT
< echo $OLD_IP_FORWARD > /proc/sys/net/ipv4/ip_forward
< elif [[ "$SHARE_INTERNET_METHOD" = "bridge" ]]; then
< ip link set down $BRIDGE_IFACE
< brctl delbr $BRIDGE_IFACE
< fi
---
> iptables -t nat -D POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE
> iptables -D FORWARD -i ${WIFI_IFACE} -j ACCEPT
> echo $OLD_IP_FORWARD > /proc/sys/net/ipv4/ip_forward
I also improved your get_macaddr() a bit (but left your original for reference).
\\Batnas
Last edited by batnas (2013-11-04 09:43:11)
Offline
Thanks OBLiQUE for this!
I use Arch Linux ARM on a Raspberry Pi and was very easy to setup wifi AP with your script. I have mobile internet so it was just:
"./create_ap wlan0 ppp0 apname pass"
What I would like to achieve is to make my raspi similar to a router (a bit). So my question is how can I transfer the internet through eth0 (the ethernet port of raspi) with the same addressing as in the script (192.168.2.x)? So that afterwards I can ping from my connected computer any device attached to the wifi network (wlan0)? Currenlt I transfer ppp0 with these commands:
"ifconfig eth0 192.168.1.1;iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE", but this way the ip addresses are different 192.168.2.x and 192.168.1.y.
Also, how can I set it in your script that the ip addresses given to the devices connected to wlan0 would start at eg. 192.168.2.10 ?
Thanks for any help in advance!
Offline
I think I need to bridge eth0 and wlan to br0 with:
brctl addbr br0; brctl addif br0 eth0; brctl addif br0 wlan0
Then start the script with:
./create_ap br0 ppp0 apname pass
Would the access point work this way?
Offline
Hello. First of all thank you very much for the script.
I have a problem. I'm using a Dell Vostro that has an Intel Corporation Centrino Wireless-N 1030.
According to the iw command my card has support for AP.
$ iw list
Supported interface modes:
* IBSS
* managed
* AP
* AP/VLAN
* monitor
My network interfaces are as IP LINK command:
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether <My other MAC> brd ff:ff:ff:ff:ff:ff
3: wlp9s0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN mode DEFAULT qlen 1000
link/ether <My MAC> brd ff:ff:ff:ff:ff:ff
But when you run the script I get this error:
Config dir: /tmp/create_ap.wlp9s0.conf.V7hknMS5
hostapd command-line interface: hostapd_cli -p /tmp/create_ap.wlp9s0.conf.V7hknMS5/hostapd_ctrl
Configuration file: /tmp/create_ap.wlp9s0.conf.V7hknMS5/hostapd.conf
nl80211: Failed to set interface wlp9s0 into AP mode
nl80211 driver initialization failed.
Hostapd failed to run, maybe a program is interfering.
If you use NetworkManager then add the following in
/etc/NetworkManager/NetworkManager.conf and retry.
Don't forget to remove it after you finish.
[keyfile]
unmanaged-devices=mac:<My MAC>
I added at the end of the file /etc/NetworkManager/NetworkManager.conf line:
unmanaged-devices=mac:<My MAC>
But it does not work.
Last edited by elav (2013-11-08 14:01:55)
Offline
Update: I can already connect: D but I can not surf the Internet.
Offline
Grreat script OBLiQUE, it really makes things easier.
It ran for me the first time I tried, with and without encryptionI made a little addition to your script to add support for bridged-mode, that is an AP that bridges the network instead of NAT'ing and DHCP'ing.
It should work exactly the same way as before, only now you can add "-m bridge" to enable bridged mode (default is still NAT'ing).If you want to, please integrate it into you code in github, so others can benefit from it too...
Diff:
# diff create_ap create_ap.orig 11,12d10 < # brctl < # dhclient 25,26d22 < echo " -m <method> Method for Internet sharing." < echo " Use 'nat' for NAT, 'bridge' for bridging (default: nat)" 35,36c31 < #ip link show "$1" | sed -n 's/.*ether \([0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]\) .*/\1/p' < ip link show "$1" | grep ether | grep -Eo '([0-9a-f]{2}:){5}[0-9a-f]{2}\s' --- > ip link show "$1" | sed -n 's/.*ether \([0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]\) .*/\1/p' 39,56c34 < get_avail_bridge() { < i=0 < for i in `seq 0 1 100`; do < curr_bridge=$(brctl show | grep "br$i" | cut -s -f1) < if [[ -z $curr_bridge ]]; then < break < fi < < if [[ $i -gt 99 ]]; then < echo "ERROR: No availabe bridges < br100" < exit 1 < fi < done < < echo "br$i" < } < < ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden" -n $(basename $0) -- "$@") --- > ARGS=$(getopt -o hc:w:g:dn -l "help","hidden" -n $(basename $0) -- "$@") 60a39 > GATEWAY=192.168.12.1 65,66d43 < SHARE_INTERNET_METHOD=nat < NAT_GATEWAY=192.168.12.1 95c72 < NAT_GATEWAY="$1" --- > GATEWAY="$1" 107,113d83 < -m) < shift < if [[ -n "$1" ]]; then < SHARE_INTERNET_METHOD="$1" < shift < fi < ;; 126,130d95 < if [[ "$SHARE_INTERNET_METHOD" != "nat" && "$SHARE_INTERNET_METHOD" != "bridge" ]]; then < echo "Wrong Internet sharing method" < usage < exit 1 < fi 134d98 < BRIDGE_IFACE=$(get_avail_bridge) 179,182d142 < if [[ $SHARE_INTERNET -eq 1 && "$SHARE_INTERNET_METHOD" = "bridge" ]]; then < echo "bridge=$BRIDGE_IFACE" >> $CONFDIR/hostapd.conf < fi < 187,188c147,148 < dhcp-range=${NAT_GATEWAY%.*}.1,${NAT_GATEWAY%.*}.254,255.255.255.0,24h < dhcp-option=option:router,${NAT_GATEWAY} --- > dhcp-range=${GATEWAY%.*}.1,${GATEWAY%.*}.254,255.255.255.0,24h > dhcp-option=option:router,${GATEWAY} 197c157 < ip addr add ${NAT_GATEWAY}/24 dev ${WIFI_IFACE} --- > ip addr add ${GATEWAY}/24 dev ${WIFI_IFACE} 199c159 < # enable Internet sharing --- > # enable NATed Internet sharing 201,211c161,164 < echo "Sharing Internet using method: $SHARE_INTERNET_METHOD" < if [[ "$SHARE_INTERNET_METHOD" = "nat" ]]; then < iptables -t nat -A POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE < iptables -A FORWARD -i ${WIFI_IFACE} -j ACCEPT < OLD_IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward) < echo 1 > /proc/sys/net/ipv4/ip_forward < elif [[ "$SHARE_INTERNET_METHOD" = "bridge" ]]; then < brctl addbr $BRIDGE_IFACE < brctl addif $BRIDGE_IFACE $INTERNET_IFACE < dhclient $BRIDGE_IFACE < fi --- > iptables -t nat -A POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE > iptables -A FORWARD -i ${WIFI_IFACE} -j ACCEPT > OLD_IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward) > echo 1 > /proc/sys/net/ipv4/ip_forward 222,224c175 < if [[ $SHARE_INTERNET -eq 1 && "$SHARE_INTERNET_METHOD" = "nat" ]]; then < dnsmasq -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid < fi --- > dnsmasq -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid 240,241d190 < echo "Doing cleanup..." < 248,255c197,199 < if [[ "$SHARE_INTERNET_METHOD" = "nat" ]]; then < iptables -t nat -D POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE < iptables -D FORWARD -i ${WIFI_IFACE} -j ACCEPT < echo $OLD_IP_FORWARD > /proc/sys/net/ipv4/ip_forward < elif [[ "$SHARE_INTERNET_METHOD" = "bridge" ]]; then < ip link set down $BRIDGE_IFACE < brctl delbr $BRIDGE_IFACE < fi --- > iptables -t nat -D POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE > iptables -D FORWARD -i ${WIFI_IFACE} -j ACCEPT > echo $OLD_IP_FORWARD > /proc/sys/net/ipv4/ip_forward
I also improved your get_macaddr() a bit (but left your original for reference).
\\Batnas
Do you mind to give me your newest script? OBLiQUE hasn't integrate it into his github and I don't know how to integrate it myself.
Thanks before.
Offline
Sorry guys, I'm a bit busy this month. I will try to answer your questions in few days. For now I added the -m option and you can choose if you want a NATed or bridged Internet sharing, the default is NATed.
example
./create_ap -m bridge wlan0 eth0 MyAccessPoint MyPassPhrase
@batnas, thanks for the patch. I integrate it to create_ap and I did some improvements to it.
Offline
So these are my answers:
I am able to connect just fine , first time.But when I remove adapter and reconnect it and try to run script it gives following error.
I tried to restarting dnsmasq , uncommented bind_interfaces in dnsmasq.conf but no avail.dnsmasq: failed to create listening socket for 192.168.12.1: Address already in use
You must not run dnsmasq daemon by your own, create_ap will do it. That's why you got this error.
Can I use create_ap to set up a bridge? wlan0 -> br0
Now you can, see my above post.
I'm having problem with this... I am using NetworkManager, and I did put wifi as umanaged device of NetowrkManager, then ran the script, it created a AP network with my SSID and I was able to connect to it with my HTC One and surf the net. But only for like 3-4 minutes, after that I lost connection to the internet on my PC. My phone is still connected to the AP network, but it can't reach the internet, same as PC. Interesting NetworkManager still says that I'm connected to my wired network. After disabling networking in nm-applet (kde version) and enabling it, i get the internet connection but again for like 5 minutes or less. I have no idea why is this happening... Anyone else having similar problems ?
That's strange, maybe another program is interfering. See my above post on how you can use bridge mode and try with that.
This may be dumb, but is it possible to "interface to create AP and interface that has internet access" to be the same ... i.e can I do something like :
./create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase ??
because my wireless needs to be signed in via hotspot so I jut want to login through one device and share my internet from that device to all other ?
You need a second wifi adapter to do this. For example with wlan0 you can get your internet connection and with wlan1 you can share your internet connection.
What I would like to achieve is to make my raspi similar to a router (a bit). So my question is how can I transfer the internet through eth0 (the ethernet port of raspi) with the same addressing as in the script (192.168.2.x)? So that afterwards I can ping from my connected computer any device attached to the wifi network (wlan0)?
You can do this with the bridge mode, see my above post.
Update: I can already connect: D but I can not surf the Internet.
Did you get any errors? Try with bridge mode.
Last edited by OBLiQUE (2013-11-18 18:00:10)
Offline
bl4ckb0x wrote:This may be dumb, but is it possible to "interface to create AP and interface that has internet access" to be the same ... i.e can I do something like :
./create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase ??
because my wireless needs to be signed in via hotspot so I jut want to login through one device and share my internet from that device to all other ?You need a second wifi adapter to do this. For example with wlan0 you can get your internet connection and with wlan1 you can share your internet connection..
Actually i am afraid it is possible please read this link
http://linuxalfi.wordpress.com/2011/11/ … interface/
i hope that it could be possible to add the mentionend script to create_ap script for the reason. this is a good way to share internet which uses hotspot and http proxy.
Offline
Actually i am afraid it is possible please read this link
http://linuxalfi.wordpress.com/2011/11/ … interface/
i hope that it could be possible to add the mentionend script to create_ap script for the reason. this is a good way to share internet which uses hotspot and http proxy.
Thanks!! Now you can create an AP from the same interface. Just do:
./create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase
Also, now create_ap can set/unset automatically the "unmanaged device" for Network Manager.
Offline
Thank for your work.In fact I am surprised there's an excellent script on the forum
It helps me a lot.But there is still some trouble.
It starts well, but it doen't share internet.
sudo create_ap wlan1 ppp0 mywifi mypass
Config dir: /tmp/create_ap.wlan1.conf.y7BudENh
hostapd command-line interface: hostapd_cli -p /tmp/create_ap.wlan1.conf.y7BudENh/hostapd_ctrl
Configuration file: /tmp/create_ap.wlan1.conf.y7BudENh/hostapd.conf
Using interface wlan1 with hwaddr e8:4e:06:0b:30:25 and ssid "mywifi"
wlan1: STA 40:cb:a8:be:82:65 IEEE 802.11: authenticated
wlan1: STA 40:cb:a8:be:82:65 IEEE 802.11: associated (aid 1)
wlan1: AP-STA-CONNECTED 40:cb:a8:be:82:65
wlan1: STA 40:cb:a8:be:82:65 RADIUS: starting accounting session 5298070F-00000000
wlan1: STA 40:cb:a8:be:82:65 WPA: pairwise key handshake completed (RSN)
My phone has connect to it, but I can't use my phone to surf the internet via the wifi.
I think there could be something wrong with my nat.Though it seems ok.
sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
generated file hostapd.conf
ssid=mywifi
interface=wlan1
driver=nl80211
hw_mode=g
channel=1
ctrl_interface=/tmp/create_ap.wlan1.conf.y7BudENh/hostapd_ctrl
ctrl_interface_group=0
ignore_broadcast_ssid=0
wpa=3
wpa_passphrase=mypass
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
dnsmasq.conf
interface=wlan1
bind-interfaces
dhcp-range=192.168.12.1,192.168.12.254,255.255.255.0,24h
dhcp-option=option:router,192.168.12.1
no-hosts
I also tried other ways to nat the internet, but it doesn't work as well.
sudo iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
I also changed all the ppp0 above to eth0, but it does't work at all
Could you give me some advice?
Thanks in advance
Lenovo Y471A-ifi
Arch x86_64 KDE Vim zsh
To enjoy brand new start
Offline
hi, your create_ap is not updated, please try with the new one.
can other devices (not your phone) connect to the AP? also give me the output of the following commands:
iptables -L
ifconfig ppp0
ifconfig wlan1
in the updated version you can also share internet in bridged mode, try this:
create_ap -m bridge wlan1 ppp0 MyAccessPoint MyPassPhrase
Offline
I also have a pad, and i meet the same problem.
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
LOG udp -- anywhere anywhere udp dpts:0:1023 LOG level warning
LOG tcp -- anywhere anywhere tcp dpts:0:1023 LOG level warning
DROP udp -- anywhere anywhere udp dpts:0:1023
DROP tcp -- anywhere anywhere tcp dpts:0:1023
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
DROP icmp -- anywhere anywhere icmp echo-request
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::de0e:a1ff:fee9:2e35 prefixlen 64 scopeid 0x20<link>
ether dc:0e:a1:e9:2e:35 txqueuelen 1000 (Ethernet)
RX packets 43656 bytes 11319843 (10.7 MiB)
RX errors 0 dropped 29 overruns 0 frame 0
TX packets 7802 bytes 1072241 (1.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16
ifconfig ppp0
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1492
inet 10.98.213.217 netmask 255.255.255.255 destination 10.98.208.1
ppp txqueuelen 3 (Point-to-Point Protocol)
RX packets 1445 bytes 1109439 (1.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1518 bytes 181267 (177.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ifconfig wlan1
wlan1: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether e8:4e:06:0b:30:25 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
What's worse, when I choose bridge mode, my phone even can't connect to ap
sudo create_ap -m bridge wlan1 eth0 mywifi mypass
Config dir: /tmp/create_ap.wlan1.conf.UF9i0ZDJ
Creating a virtual WiFi interface... wlan1ap created.
Sharing Internet using method: bridge
hostapd command-line interface: hostapd_cli -p /tmp/create_ap.wlan1.conf.UF9i0ZDJ/hostapd_ctrl
Configuration file: /tmp/create_ap.wlan1.conf.UF9i0ZDJ/hostapd.conf
Using interface wlan1ap with hwaddr e8:4e:06:0b:30:26 and ssid "mywifi"
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: authenticated
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: associated (aid 1)
wlan1ap: AP-STA-CONNECTED 40:cb:a8:be:82:65
wlan1ap: STA 40:cb:a8:be:82:65 RADIUS: starting accounting session 5298AD97-00000000
wlan1ap: STA 40:cb:a8:be:82:65 WPA: pairwise key handshake completed (RSN)
wlan1ap: AP-STA-DISCONNECTED 40:cb:a8:be:82:65
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: disassociated
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: authenticated
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: associated (aid 1)
wlan1ap: AP-STA-CONNECTED 40:cb:a8:be:82:65
wlan1ap: STA 40:cb:a8:be:82:65 RADIUS: starting accounting session 5298AD97-00000001
wlan1ap: STA 40:cb:a8:be:82:65 WPA: pairwise key handshake completed (RSN)
wlan1ap: AP-STA-DISCONNECTED 40:cb:a8:be:82:65
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: disassociated
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: authenticated
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: associated (aid 1)
wlan1ap: AP-STA-CONNECTED 40:cb:a8:be:82:65
wlan1ap: STA 40:cb:a8:be:82:65 RADIUS: starting accounting session 5298AD97-00000002
wlan1ap: STA 40:cb:a8:be:82:65 WPA: pairwise key handshake completed (RSN)
wlan1ap: AP-STA-DISCONNECTED 40:cb:a8:be:82:65
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: disassociated
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: authenticated
wlan1ap: STA 40:cb:a8:be:82:65 IEEE 802.11: associated (aid 1)
wlan1ap: AP-STA-CONNECTED 40:cb:a8:be:82:65
wlan1ap: STA 40:cb:a8:be:82:65 RADIUS: starting accounting session 5298AD97-00000003
wlan1ap: STA 40:cb:a8:be:82:65 WPA: pairwise key handshake completed (RSN)
^Cwlan1ap: AP-STA-DISCONNECTED 40:cb:a8:be:82:65
Lenovo Y471A-ifi
Arch x86_64 KDE Vim zsh
To enjoy brand new start
Offline
Edit: see my next reply
run again the script (not in bridged mode) and give me again the output of
iptables -L
ifconfig wlan1ap
(wlan1ap is not a typo)
if you still don't have Internet on your mobile then run these commands while the create_ap is running:
iptables -A FORWARD -i wlan1ap -s 192.168.12.0/24 -j ACCEPT
iptables -A FORWARD -i ppp0 -d 192.168.12.0/24 -j ACCEPT
if you still don't have Internet, give me a second output of the 'iptables -L' after you execute above commands.
also, do you use any firewall? what network manager do you use?
Last edited by OBLiQUE (2013-11-29 22:07:30)
Offline
create_ap now is able to work even if UFW is enabled! (bridged mode does not work yet)
@ssfdust Please try again with my new script, I just did major changes and I think they will solve your problem.
EDIT:
bridged mode now works with UFW
Last edited by OBLiQUE (2013-11-29 21:52:31)
Offline
Thanks a lot.It works.
@OBLiQUE
Edit:
In fact, I'm exciting and even a little crazy.It took me too much time before.Thank you for your help very vey very much!
Last edited by ssfdust (2013-11-30 02:50:18)
Lenovo Y471A-ifi
Arch x86_64 KDE Vim zsh
To enjoy brand new start
Offline