You are not logged in.

#1 2022-11-11 17:13:50

Strangiato
Member
Registered: 2020-01-10
Posts: 357

Hotspot does not give connectivity to the internet

Hi

I use Arch + Gnome, my system is fully updated, I use NetworkManager and iwd to manage my wi-fi.
Sometimes I connect my laptop to a wired network and I create a hotspot with its wi-fi nic, so an Android 6 phone can connect to it.
I have installed the hostapd package, here is my /etc/hostapd/hostapd.conf file:

interface=wlan0
bridge=br0

# SSID to be used in IEEE 802.11 management frames
ssid=homewifi_05C
# Driver interface type (hostap/wired/none/nl80211/bsd)
driver=nl80211
# Country code (ISO/IEC 3166-1)
country_code=BR

# Operation mode (a = IEEE 802.11a (5 GHz), g = IEEE 802.11b (2.4 GHz)
hw_mode=g
# Channel number
channel=7
# Maximum number of stations allowed
max_num_sta=5

# Bit field: bit0 = WPA, bit1 = WPA2
wpa=2
# Bit field: 1=wpa, 2=wep, 3=both
auth_algs=1

# Set of accepted cipher suites; disabling insecure TKIP
wpa_pairwise=CCMP
# Set of accepted key management algorithms
wpa_key_mgmt=WPA-PSK
wpa_passphrase=<my password>

# hostapd event logger configuration
logger_stdout=-1
logger_stdout_level=2

# Uncomment and modify the following section if your device supports 802.11n
## Enable 802.11n support
ieee80211n=1
## QoS support
#wmm_enabled=1
## Use "iw list" to show device capabilities and modify ht_capab accordingly
#ht_capab=[HT40+][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]

I have configured the NAT setup with firewalld according to the instructions from the wiki:
https://wiki.archlinux.org/title/Intern … _firewalld

I have ran these commands:

# firewall-cmd --zone=external --change-interface=enp1s0 --permanent
# firewall-cmd --zone=internal --change-interface=wlan0 --permanent


# firewall-cmd --permanent --new-policy int2ext
# firewall-cmd --permanent --policy int2ext --add-ingress-zone internal
# firewall-cmd --permanent --policy int2ext --add-egress-zone external
# firewall-cmd --permanent --policy int2ext --set-target ACCEPT
# firewall-cmd --reload

I use dnsmasq as dhcp server:
https://wiki.archlinux.org/title/Intern … ient_PC(s)

Ran these commands from the wiki:

# iptables -I INPUT -p udp --dport 67 -i wlan0 -j ACCEPT
# iptables -I INPUT -p udp --dport 53 -s 192.168.123.0/24 -j ACCEPT
# iptables -I INPUT -p tcp --dport 53 -s 192.168.123.0/24 -j ACCEPT

Here is my /etc/dnsmasq.conf file:

#DHCP
port=0
# Only listen to routers' LAN NIC.  Doing so opens up tcp/udp port 53 to localhost and udp port 67 to world:
interface=enp1s0

# dnsmasq will open tcp/udp port 53 and udp port 67 to world to help with dynamic interfaces (assigning dynamic IPs).
# dnsmasq will discard world requests to them, but the paranoid might like to close them and let the kernel handle them.
bind-interfaces

# Optionally set a domain name
#domain=example.org

# Set default gateway
dhcp-option=3,0.0.0.0

# Set DNS servers to announce
dhcp-option=6,0.0.0.0

# If your dnsmasq server is also doing the routing for your network, you can use option 121 to push a static route out.
# x.x.x.x is the destination LAN, yy is the CIDR notation (usually /24), and z.z.z.z is the host which will do the routing.
#dhcp-option=121,x.x.x.x/yy,z.z.z.z

# Dynamic range of IPs to make available to LAN PC and the lease time. 
# Ideally set the lease time to 5m only at first to test everything works okay before you set long-lasting records.
dhcp-range=192.168.111.50,192.168.111.100,12h

# Provide IPv6 DHCP leases, the range is constructed using the network interface as prefix
dhcp-range=::f,::ff,constructor:enp1s0

# If you’d like to have dnsmasq assign static IPs to some clients, bind the LAN computers NIC MAC addresses:
#dhcp-host=aa:bb:cc:dd:ee:ff,192.168.111.50
#dhcp-host=aa:bb:cc:ff:dd:ee,192.168.111.51

dnsmasq service fails to start:

$ journalctl -xeu dnsmasq.service
-- Automatic restarting of the unit dnsmasq.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Nov 11 12:59:00 arch-laptop systemd[1]: Stopped dnsmasq - A lightweight DHCP and caching DNS server.
-- Subject: A stop job for unit dnsmasq.service has finished
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- A stop job for unit dnsmasq.service has finished.
-- 
-- The job identifier is 5102 and the job result is done.
Nov 11 12:59:00 arch-laptop systemd[1]: dnsmasq.service: Start request repeated too quickly.
Nov 11 12:59:00 arch-laptop systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- The unit dnsmasq.service has entered the 'failed' state with result 'exit-code'.
Nov 11 12:59:00 arch-laptop systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS s>
-- Subject: A start job for unit dnsmasq.service has failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- A start job for unit dnsmasq.service has finished with a failure.
-- 
-- The job identifier is 5102 and the job result is failed.

dhcp of iwd is configured to work in AP mode according to the wiki:
https://wiki.archlinux.org/title/iwd#No_DHCP_in_AP_mode



When I want to activate the hotspot, I open wi-fi module of Gnome settings,
click on the vertical three dots in the upper right corner and choose
"Turn on wi-fi hotspot...', I enter "arch-laptop" as "Network name", enter a password
and click on "Turn on" button. I can connect to the hotspot with an Android 6 phone but the phone
has no access to the internet.

Could anyone help me to fix the connectivity to the internet please?
Thanks.

Edit:
Packet forwarding is also enabled:

/etc/sysctl.d/30-ipforward.conf
net.ipv4.ip_forward=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1

Edit2:
After disabling firewalld, I was able to create a functional hotspot with linux-wifi-hotspot from AUR
https://aur.archlinux.org/packages/linux-wifi-hotspot

But the hotspot activated via Gnome Settings is still without connectivity to the internet.

Last edited by Strangiato (2022-11-12 00:28:21)

Offline

Board footer

Powered by FluxBB