You are not logged in.

#1 2022-11-11 17:13:50

Registered: 2020-01-10
Posts: 239

Hotspot does not give connectivity to the internet


I use Arch + Gnome, my system is fully updated, I use NetworkManager and iwd to manage my wi-fi.
Sometimes I connect my laptop to a wired network and I create a hotspot with its wi-fi nic, so an Android 6 phone can connect to it.
I have installed the hostapd package, here is my /etc/hostapd/hostapd.conf file:


# SSID to be used in IEEE 802.11 management frames
# Driver interface type (hostap/wired/none/nl80211/bsd)
# Country code (ISO/IEC 3166-1)

# Operation mode (a = IEEE 802.11a (5 GHz), g = IEEE 802.11b (2.4 GHz)
# Channel number
# Maximum number of stations allowed

# Bit field: bit0 = WPA, bit1 = WPA2
# Bit field: 1=wpa, 2=wep, 3=both

# Set of accepted cipher suites; disabling insecure TKIP
# Set of accepted key management algorithms
wpa_passphrase=<my password>

# hostapd event logger configuration

# Uncomment and modify the following section if your device supports 802.11n
## Enable 802.11n support
## QoS support
## Use "iw list" to show device capabilities and modify ht_capab accordingly

I have configured the NAT setup with firewalld according to the instructions from the wiki: … _firewalld

I have ran these commands:

# firewall-cmd --zone=external --change-interface=enp1s0 --permanent
# firewall-cmd --zone=internal --change-interface=wlan0 --permanent

# firewall-cmd --permanent --new-policy int2ext
# firewall-cmd --permanent --policy int2ext --add-ingress-zone internal
# firewall-cmd --permanent --policy int2ext --add-egress-zone external
# firewall-cmd --permanent --policy int2ext --set-target ACCEPT
# firewall-cmd --reload

I use dnsmasq as dhcp server: … ient_PC(s)

Ran these commands from the wiki:

# iptables -I INPUT -p udp --dport 67 -i wlan0 -j ACCEPT
# iptables -I INPUT -p udp --dport 53 -s -j ACCEPT
# iptables -I INPUT -p tcp --dport 53 -s -j ACCEPT

Here is my /etc/dnsmasq.conf file:

# Only listen to routers' LAN NIC.  Doing so opens up tcp/udp port 53 to localhost and udp port 67 to world:

# dnsmasq will open tcp/udp port 53 and udp port 67 to world to help with dynamic interfaces (assigning dynamic IPs).
# dnsmasq will discard world requests to them, but the paranoid might like to close them and let the kernel handle them.

# Optionally set a domain name

# Set default gateway

# Set DNS servers to announce

# If your dnsmasq server is also doing the routing for your network, you can use option 121 to push a static route out.
# x.x.x.x is the destination LAN, yy is the CIDR notation (usually /24), and z.z.z.z is the host which will do the routing.

# Dynamic range of IPs to make available to LAN PC and the lease time. 
# Ideally set the lease time to 5m only at first to test everything works okay before you set long-lasting records.

# Provide IPv6 DHCP leases, the range is constructed using the network interface as prefix

# If you’d like to have dnsmasq assign static IPs to some clients, bind the LAN computers NIC MAC addresses:

dnsmasq service fails to start:

$ journalctl -xeu dnsmasq.service
-- Automatic restarting of the unit dnsmasq.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Nov 11 12:59:00 arch-laptop systemd[1]: Stopped dnsmasq - A lightweight DHCP and caching DNS server.
-- Subject: A stop job for unit dnsmasq.service has finished
-- Defined-By: systemd
-- Support:
-- A stop job for unit dnsmasq.service has finished.
-- The job identifier is 5102 and the job result is done.
Nov 11 12:59:00 arch-laptop systemd[1]: dnsmasq.service: Start request repeated too quickly.
Nov 11 12:59:00 arch-laptop systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support:
-- The unit dnsmasq.service has entered the 'failed' state with result 'exit-code'.
Nov 11 12:59:00 arch-laptop systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS s>
-- Subject: A start job for unit dnsmasq.service has failed
-- Defined-By: systemd
-- Support:
-- A start job for unit dnsmasq.service has finished with a failure.
-- The job identifier is 5102 and the job result is failed.

dhcp of iwd is configured to work in AP mode according to the wiki:

When I want to activate the hotspot, I open wi-fi module of Gnome settings,
click on the vertical three dots in the upper right corner and choose
"Turn on wi-fi hotspot...', I enter "arch-laptop" as "Network name", enter a password
and click on "Turn on" button. I can connect to the hotspot with an Android 6 phone but the phone
has no access to the internet.

Could anyone help me to fix the connectivity to the internet please?

Packet forwarding is also enabled:


After disabling firewalld, I was able to create a functional hotspot with linux-wifi-hotspot from AUR

But the hotspot activated via Gnome Settings is still without connectivity to the internet.

Last edited by Strangiato (2022-11-12 00:28:21)


Board footer

Powered by FluxBB