Howto hostapd: Difference between revisions
Jump to navigation
Jump to search
Mandulete1 (talk | contribs) |
Mandulete1 (talk | contribs) |
||
(31 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= references = | = network manager = | ||
set wlan0 to unmanaged by networkmanager: | |||
cat > /etc/NetworkManager/conf.d/99-unmanaged-devices.conf << EOF | |||
[keyfile] | |||
unmanaged-devices=interface-name:wlan0 | |||
EOF | |||
restart network manager: | |||
systemctl restart NetworkManager | |||
= configure wlan0 = | |||
set wlan0 ip address: | |||
iw dev wlan0 set type managed | |||
iw wlan0 set power_save off | |||
ip link set dev wlan0 up | |||
ip addr add 192.168.10.1/24 dev wlan0 | |||
= install hostapd = | |||
install latest version: | |||
yay -s hostapd-git | |||
configuration for wifi6e on 6ghz: | |||
cat > /etc/hostapd/hostapd.conf << EOF | |||
################################################################### | |||
# HostAPd configuration for WiFi-6e for a MEDIATEK mt7925 NIC # | |||
# # | |||
# Requirements for WiFi-6e (ieee80211ax) on 6GHz: # | |||
# - WPA3 for authentication # | |||
# - SAE key management required for WPA3 # | |||
# - Management Frame Protection required for WPA3 # | |||
# - Radar awareness required for some RegDomains on 5GHz and 6GHz # | |||
# - WME/WMM required # | |||
################################################################### | |||
ctrl_interface=/var/run/hostapd | |||
driver=nl80211 | |||
# interface | |||
interface=wlan0 | |||
# country code | |||
country_code=DE | |||
ieee80211d=1 | |||
# ssid | |||
ssid=mandulete | |||
# wifi6e protocol ax mode | |||
ieee80211ax=1 | |||
# indoor only ap | |||
he_6ghz_reg_pwr_type=0 | |||
# multimedia extentions | |||
wme_enabled=1 | |||
wmm_enabled=1 | |||
# frecuency band and channel | |||
hw_mode=a | |||
channel=1 | |||
op_class=134 | |||
he_oper_centr_freq_seg0_idx=15 | |||
# enforce management frame protection | |||
ieee80211w=2 | |||
beacon_prot=1 | |||
# radar detection | |||
ieee80211h=1 | |||
enable_background_radar=1 | |||
# authentication | |||
wpa=2 | |||
wpa_key_mgmt=SAE | |||
auth_algs=1 | |||
rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256 | |||
group_mgmt_cipher=AES-128-CMAC | |||
sae_password=vidalinux123 | |||
# wmm parameters | |||
tx_queue_data3_aifs=7 | |||
tx_queue_data3_cwmin=15 | |||
tx_queue_data3_cwmax=1023 | |||
tx_queue_data3_burst=0 | |||
# Normal priority / AC_BE = best effort | |||
tx_queue_data2_aifs=3 | |||
tx_queue_data2_cwmin=15 | |||
tx_queue_data2_cwmax=63 | |||
tx_queue_data2_burst=0 | |||
# High priority / AC_VI = video | |||
tx_queue_data1_aifs=1 | |||
tx_queue_data1_cwmin=7 | |||
tx_queue_data1_cwmax=15 | |||
tx_queue_data1_burst=3.0 | |||
# Highest priority / AC_VO = voice | |||
tx_queue_data0_aifs=1 | |||
tx_queue_data0_cwmin=3 | |||
tx_queue_data0_cwmax=7 | |||
tx_queue_data0_burst=1.5 | |||
# Quality of Service (QoS) parameters | |||
# Low priority / AC_BK = background | |||
wmm_ac_bk_cwmin=4 | |||
wmm_ac_bk_cwmax=10 | |||
wmm_ac_bk_aifs=7 | |||
wmm_ac_bk_txop_limit=0 | |||
wmm_ac_bk_acm=0 | |||
# Normal priority / AC_BE = best effort | |||
wmm_ac_be_aifs=3 | |||
wmm_ac_be_cwmin=4 | |||
wmm_ac_be_cwmax=10 | |||
wmm_ac_be_txop_limit=0 | |||
wmm_ac_be_acm=0 | |||
# High priority / AC_VI = video | |||
wmm_ac_vi_aifs=2 | |||
wmm_ac_vi_cwmin=3 | |||
wmm_ac_vi_cwmax=4 | |||
wmm_ac_vi_txop_limit=94 | |||
wmm_ac_vi_acm=0 | |||
# Highest priority / AC_VO = voice | |||
wmm_ac_vo_aifs=2 | |||
wmm_ac_vo_cwmin=2 | |||
wmm_ac_vo_cwmax=3 | |||
wmm_ac_vo_txop_limit=47 | |||
wmm_ac_vo_acm=0 | |||
# Logging | |||
logger_stdout=-1 | |||
logger_stdout_level=0 | |||
logger_syslog=-1 | |||
logger_syslog_level=0 | |||
# beamforming capabilities | |||
he_mu_beamformer=1 | |||
he_su_beamformee=1 | |||
he_su_beamformer=1 | |||
EOF | |||
settings for wifi7: | |||
ieee80211be=1 | |||
disable_11be=0 | |||
eht_su_beamformer=1 | |||
eht_su_beamformee=1 | |||
eht_mu_beamformer=1 | |||
start hostapd deamon: | |||
hostapd -t -d -P /var/run/wlan0.pid /etc/hostapd/hostapd.conf | |||
= install dhcp server = | |||
install dhcp server package: | |||
pacman -S dhcp | |||
configure dhcp server: | |||
shared-network DHCP { | |||
subnet 192.168.10.0 netmask 255.255.255.0 { | |||
range 192.168.10.100 192.168.10.10; | |||
option broadcast-address 192.168.10.255; | |||
option routers 192.168.10.1; | |||
option subnet-mask 255.255.255.0; | |||
option domain-name-servers 4.2.2.1, 4.2.2.2; | |||
default-lease-time 600; | |||
max-lease-time 7200; | |||
} | |||
} | |||
start dhcp server on wlan0 interface: | |||
dhcpd wlan0 | |||
= iptables rules = | |||
set iptables rules for sharing internet to wlan0: | |||
cat > /usr/local/bin/sharenetwlan << EOF | |||
#!/bin/bash | |||
iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE | |||
iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT | |||
iptables -A FORWARD -d 192.168.10.0/24 -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT | |||
echo 1 >/proc/sys/net/ipv4/conf/all/forwarding | |||
EOF | |||
set permissions to script: | |||
chmod +x /usr/local/bin/sharenetwlan | |||
execute script: | |||
/usr/local/bin/sharenetwlan | |||
= speed test = | |||
install iperf3 on server and client: | |||
pacman -Sy iperf3 --noconfirm | |||
start iperf3 service on server: | |||
iperf3 -s | |||
on client connect to server using iperf3: | |||
iperf3 -c 192.168.10.1 -p 5201 | |||
you should see somehing like this: | |||
Connecting to host 192.168.10.1, port 5201 | |||
[ 5] local 192.168.10.34 port 39000 connected to 192.168.10.1 port 5201 | |||
[ ID] Interval Transfer Bitrate Retr Cwnd | |||
[ 5] 0.00-1.00 sec 128 MBytes 1.08 Gbits/sec 0 1.10 MBytes | |||
[ 5] 1.00-2.00 sec 59.2 MBytes 497 Mbits/sec 1 1.32 MBytes | |||
[ 5] 2.00-3.00 sec 47.0 MBytes 394 Mbits/sec 1 1.11 MBytes | |||
[ 5] 3.00-4.00 sec 46.8 MBytes 392 Mbits/sec 3 908 KBytes | |||
[ 5] 4.00-5.00 sec 49.1 MBytes 412 Mbits/sec 2 1.06 MBytes | |||
[ 5] 5.00-6.00 sec 41.0 MBytes 344 Mbits/sec 2 631 KBytes | |||
[ 5] 6.00-7.00 sec 92.1 MBytes 773 Mbits/sec 0 783 KBytes | |||
[ 5] 7.00-8.00 sec 134 MBytes 1.13 Gbits/sec 0 962 KBytes | |||
[ 5] 8.00-9.00 sec 129 MBytes 1.08 Gbits/sec 0 962 KBytes | |||
[ 5] 9.00-10.00 sec 132 MBytes 1.11 Gbits/sec 0 962 KBytes | |||
- - - - - - - - - - - - - - - - - - - - - - - - - | |||
[ ID] Interval Transfer Bitrate Retr | |||
[ 5] 0.00-10.00 sec 859 MBytes 721 Mbits/sec 9 sender | |||
[ 5] 0.00-10.00 sec 857 MBytes 718 Mbits/sec receiver | |||
iperf Done. | |||
= enable 5ghz band support on intel wireless chips = | |||
download iwlwifi-lar-disable-dkms: | |||
yay -G iwlwifi-lar-disable-dkms | |||
edit pkgbuild change kernel based on your version: | |||
pkgver=6.9.8 | |||
build package: | |||
makepkg -si | |||
edit /etc/default/grub: | |||
GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet iwlwifi.lar_disable=Y" | |||
commit changes: | |||
grub-mkconfig -o /boot/grub/grub.cfg | |||
mkinitcpio -P | |||
= references = | |||
* https://github.com/morrownr/USB-WiFi/tree/main/home/AP_Mode | * https://github.com/morrownr/USB-WiFi/tree/main/home/AP_Mode | ||
* https://github.com/morrownr/USB-WiFi/blob/main/home/USB_WiFi_Chipsets.md | |||
* https://github.com/morrownr/USB-WiFi/issues/431 | * https://github.com/morrownr/USB-WiFi/issues/431 | ||
* https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP | * https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP | ||
* https://github.com/drozdi70/bananapi_bpir4/blob/main/conf_files_bpi_router_6.10_trixie.zip | * https://github.com/drozdi70/bananapi_bpir4/blob/main/conf_files_bpi_router_6.10_trixie.zip | ||
* https://forum.openwrt.org/t/banana-bpi-r4-wifi7-status/201051/24 | * https://forum.openwrt.org/t/banana-bpi-r4-wifi7-status/201051/24 | ||
* https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723 | |||
* https://forum.openwrt.org/t/banana-bpi-r4-how-to-wnc7851-ncm865/197141/25 | |||
* https://vyos.dev/T6320 | |||
* https://gist.github.com/iffa/290b1b83b17f51355c63a97df7c1cc60 | |||
* https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP | |||
* https://wiki.archlinux.org/title/Network_configuration/Wireless#Respecting_the_regulatory_domain | |||
* https://superuser.com/questions/809282/wifi-5ghz-ap-mode-what-does-no-ir-means-and-can-i-bypass-it | |||
* https://github.com/vanhoefm/hostap-wpa3 | |||
* https://wikidevi.wi-cat.ru/Main_Page | |||
* https://www.netally.com/wifi-solutions/wifi-7-promises-to-achieve-up-to-46gbps-speeds/ |
Latest revision as of 01:45, 13 September 2024
network manager
set wlan0 to unmanaged by networkmanager:
cat > /etc/NetworkManager/conf.d/99-unmanaged-devices.conf << EOF [keyfile] unmanaged-devices=interface-name:wlan0 EOF
restart network manager:
systemctl restart NetworkManager
configure wlan0
set wlan0 ip address:
iw dev wlan0 set type managed iw wlan0 set power_save off ip link set dev wlan0 up ip addr add 192.168.10.1/24 dev wlan0
install hostapd
install latest version:
yay -s hostapd-git
configuration for wifi6e on 6ghz:
cat > /etc/hostapd/hostapd.conf << EOF ################################################################### # HostAPd configuration for WiFi-6e for a MEDIATEK mt7925 NIC # # # # Requirements for WiFi-6e (ieee80211ax) on 6GHz: # # - WPA3 for authentication # # - SAE key management required for WPA3 # # - Management Frame Protection required for WPA3 # # - Radar awareness required for some RegDomains on 5GHz and 6GHz # # - WME/WMM required # ################################################################### ctrl_interface=/var/run/hostapd driver=nl80211 # interface interface=wlan0 # country code country_code=DE ieee80211d=1 # ssid ssid=mandulete # wifi6e protocol ax mode ieee80211ax=1 # indoor only ap he_6ghz_reg_pwr_type=0 # multimedia extentions wme_enabled=1 wmm_enabled=1 # frecuency band and channel hw_mode=a channel=1 op_class=134 he_oper_centr_freq_seg0_idx=15 # enforce management frame protection ieee80211w=2 beacon_prot=1 # radar detection ieee80211h=1 enable_background_radar=1 # authentication wpa=2 wpa_key_mgmt=SAE auth_algs=1 rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256 group_mgmt_cipher=AES-128-CMAC sae_password=vidalinux123 # wmm parameters tx_queue_data3_aifs=7 tx_queue_data3_cwmin=15 tx_queue_data3_cwmax=1023 tx_queue_data3_burst=0 # Normal priority / AC_BE = best effort tx_queue_data2_aifs=3 tx_queue_data2_cwmin=15 tx_queue_data2_cwmax=63 tx_queue_data2_burst=0 # High priority / AC_VI = video tx_queue_data1_aifs=1 tx_queue_data1_cwmin=7 tx_queue_data1_cwmax=15 tx_queue_data1_burst=3.0 # Highest priority / AC_VO = voice tx_queue_data0_aifs=1 tx_queue_data0_cwmin=3 tx_queue_data0_cwmax=7 tx_queue_data0_burst=1.5 # Quality of Service (QoS) parameters # Low priority / AC_BK = background wmm_ac_bk_cwmin=4 wmm_ac_bk_cwmax=10 wmm_ac_bk_aifs=7 wmm_ac_bk_txop_limit=0 wmm_ac_bk_acm=0 # Normal priority / AC_BE = best effort wmm_ac_be_aifs=3 wmm_ac_be_cwmin=4 wmm_ac_be_cwmax=10 wmm_ac_be_txop_limit=0 wmm_ac_be_acm=0 # High priority / AC_VI = video wmm_ac_vi_aifs=2 wmm_ac_vi_cwmin=3 wmm_ac_vi_cwmax=4 wmm_ac_vi_txop_limit=94 wmm_ac_vi_acm=0 # Highest priority / AC_VO = voice wmm_ac_vo_aifs=2 wmm_ac_vo_cwmin=2 wmm_ac_vo_cwmax=3 wmm_ac_vo_txop_limit=47 wmm_ac_vo_acm=0 # Logging logger_stdout=-1 logger_stdout_level=0 logger_syslog=-1 logger_syslog_level=0 # beamforming capabilities he_mu_beamformer=1 he_su_beamformee=1 he_su_beamformer=1 EOF
settings for wifi7:
ieee80211be=1 disable_11be=0 eht_su_beamformer=1 eht_su_beamformee=1 eht_mu_beamformer=1
start hostapd deamon:
hostapd -t -d -P /var/run/wlan0.pid /etc/hostapd/hostapd.conf
install dhcp server
install dhcp server package:
pacman -S dhcp
configure dhcp server:
shared-network DHCP { subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.100 192.168.10.10; option broadcast-address 192.168.10.255; option routers 192.168.10.1; option subnet-mask 255.255.255.0; option domain-name-servers 4.2.2.1, 4.2.2.2; default-lease-time 600; max-lease-time 7200; } }
start dhcp server on wlan0 interface:
dhcpd wlan0
iptables rules
set iptables rules for sharing internet to wlan0:
cat > /usr/local/bin/sharenetwlan << EOF #!/bin/bash iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT iptables -A FORWARD -d 192.168.10.0/24 -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT echo 1 >/proc/sys/net/ipv4/conf/all/forwarding EOF
set permissions to script:
chmod +x /usr/local/bin/sharenetwlan
execute script:
/usr/local/bin/sharenetwlan
speed test
install iperf3 on server and client:
pacman -Sy iperf3 --noconfirm
start iperf3 service on server:
iperf3 -s
on client connect to server using iperf3:
iperf3 -c 192.168.10.1 -p 5201
you should see somehing like this:
Connecting to host 192.168.10.1, port 5201 [ 5] local 192.168.10.34 port 39000 connected to 192.168.10.1 port 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 128 MBytes 1.08 Gbits/sec 0 1.10 MBytes [ 5] 1.00-2.00 sec 59.2 MBytes 497 Mbits/sec 1 1.32 MBytes [ 5] 2.00-3.00 sec 47.0 MBytes 394 Mbits/sec 1 1.11 MBytes [ 5] 3.00-4.00 sec 46.8 MBytes 392 Mbits/sec 3 908 KBytes [ 5] 4.00-5.00 sec 49.1 MBytes 412 Mbits/sec 2 1.06 MBytes [ 5] 5.00-6.00 sec 41.0 MBytes 344 Mbits/sec 2 631 KBytes [ 5] 6.00-7.00 sec 92.1 MBytes 773 Mbits/sec 0 783 KBytes [ 5] 7.00-8.00 sec 134 MBytes 1.13 Gbits/sec 0 962 KBytes [ 5] 8.00-9.00 sec 129 MBytes 1.08 Gbits/sec 0 962 KBytes [ 5] 9.00-10.00 sec 132 MBytes 1.11 Gbits/sec 0 962 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 859 MBytes 721 Mbits/sec 9 sender [ 5] 0.00-10.00 sec 857 MBytes 718 Mbits/sec receiver iperf Done.
enable 5ghz band support on intel wireless chips
download iwlwifi-lar-disable-dkms:
yay -G iwlwifi-lar-disable-dkms
edit pkgbuild change kernel based on your version:
pkgver=6.9.8
build package:
makepkg -si
edit /etc/default/grub:
GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet iwlwifi.lar_disable=Y"
commit changes:
grub-mkconfig -o /boot/grub/grub.cfg mkinitcpio -P
references
- https://github.com/morrownr/USB-WiFi/tree/main/home/AP_Mode
- https://github.com/morrownr/USB-WiFi/blob/main/home/USB_WiFi_Chipsets.md
- https://github.com/morrownr/USB-WiFi/issues/431
- https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP
- https://github.com/drozdi70/bananapi_bpir4/blob/main/conf_files_bpi_router_6.10_trixie.zip
- https://forum.openwrt.org/t/banana-bpi-r4-wifi7-status/201051/24
- https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723
- https://forum.openwrt.org/t/banana-bpi-r4-how-to-wnc7851-ncm865/197141/25
- https://vyos.dev/T6320
- https://gist.github.com/iffa/290b1b83b17f51355c63a97df7c1cc60
- https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP
- https://wiki.archlinux.org/title/Network_configuration/Wireless#Respecting_the_regulatory_domain
- https://superuser.com/questions/809282/wifi-5ghz-ap-mode-what-does-no-ir-means-and-can-i-bypass-it
- https://github.com/vanhoefm/hostap-wpa3
- https://wikidevi.wi-cat.ru/Main_Page
- https://www.netally.com/wifi-solutions/wifi-7-promises-to-achieve-up-to-46gbps-speeds/