Howto hostapd: Difference between revisions

From Vidalinux Wiki
Jump to navigation Jump to search
Line 156: Line 156:
set iptables rules for sharing internet to wlan0:
set iptables rules for sharing internet to wlan0:
  cat > /usr/local/bin/sharenetwlan << EOF
  cat > /usr/local/bin/sharenetwlan << EOF
  #!/bin/bash
  #!/bin/bash
  iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
  iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
  iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT
  iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT
Line 167: Line 166:
execute script:
execute script:
  /usr/local/bin/sharenetwlan
  /usr/local/bin/sharenetwlan
= speed test =
= speed test =
on server machine install iperf3:
on server machine install iperf3:

Revision as of 01:46, 17 August 2024

network manager

set wlan0 to unmanaged by networkmanager:

cat > /etc/NetworkManager/conf.d/99-unmanaged-devices.conf << EOF
[keyfile]
unmanaged-devices=interface-name:wlan0
EOF

restart network manager:

systemctl restart NetworkManager

configure wlan0

set wlan0 ip address:

ip addr add 192.168.10.1/24 dev wlan0

install hostapd

install latest version:

yay -s hostapd-git

configuration for wifi6e on 6ghz:

cat > /etc/hostapd/hostapd.conf << EOF
###################################################################
# HostAPd configuration for WiFi-6e for a MEDIATEK mt7925 NIC     #
#                                                                 #
# Requirements for WiFi-6e (ieee80211ax) on 6GHz:                 #
# - WPA3 for authentication                                       #
# - SAE key management required for WPA3                          #
# - Management Frame Protection required for WPA3                 #
# - Radar awareness required for some RegDomains on 5GHz and 6GHz #
# - WME/WMM required                                              #
###################################################################
# 
# Posix Socket - (i.e. for hostapd_cli)
ctrl_interface=/var/run/hostapd
# driver interface
driver=nl80211
# NIC to be configured
interface=wlan0
wds_sta=1
# Logging
logger_stdout=-1
logger_stdout_level=0
logger_syslog=-1
logger_syslog_level=0
# Registry Domain configured by Country Code
country_code=DE
ieee80211d=1
# Fulfill requirements for AP operation on 6GHz -- This is an INDOOR ONLY AP
he_6ghz_reg_pwr_type=0
# Expect this AP not to change its position and antenna alignment
stationary_ap=1
he_6ghz_rx_ant_pat=1
# Activate beamforming capabilities 
he_mu_beamformer=1
he_su_beamformee=1
he_su_beamformer=1
# Limit number of concurrent "clients" (stations) and do not restrict them by MAC address
max_num_sta=16
macaddr_acl=0
# Frequency band and channel selection for 6GHz WiFi-6e using 160MHz bandwidth
hw_mode=a
op_class=134
channel=1
he_oper_centr_freq_seg0_idx=15
# Configure for WiFi-6e protocol (AX mode) and set a BSS color
ieee80211ax=1
he_bss_color=1
# Enable Radar detection and DFS support if available
ieee80211h=1
enable_background_radar=1
# Enforce Management Frame Protection (MFP) as required for WPA3
ieee80211w=2
beacon_prot=1
# Configure Ciphers, Re-Keying Intervals and Authentication Protocols for WPA3
wpa=2
wpa_key_mgmt=SAE
auth_algs=1
rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256
group_mgmt_cipher=AES-128-CMAC
extended_key_id=1
wpa_gmk_rekey=86400
wpa_group_rekey=86400
wpa_group_update_count=4
# Configure SSID and Passphrase
ssid=LinuxAP
sae_password=testtest
# 
# Wireless Multimedia Extensions (WME) and Wi-Fi Multimedia (WMM)
wme_enabled=1
wmm_enabled=1
#
# Default WMM parameters (IEEE 802.11 draft; 11-03-0504-03-000e):
# These parameters are used by the access point when transmitting frames to the clients.
# Low priority / AC_BK = background
tx_queue_data3_aifs=7
tx_queue_data3_cwmin=15
tx_queue_data3_cwmax=1023
tx_queue_data3_burst=0
# Normal priority / AC_BE = best effort
tx_queue_data2_aifs=3
tx_queue_data2_cwmin=15
tx_queue_data2_cwmax=63
tx_queue_data2_burst=0
# High priority / AC_VI = video
tx_queue_data1_aifs=1
tx_queue_data1_cwmin=7
tx_queue_data1_cwmax=15
tx_queue_data1_burst=3.0
# Highest priority / AC_VO = voice
tx_queue_data0_aifs=1
tx_queue_data0_cwmin=3
tx_queue_data0_cwmax=7
tx_queue_data0_burst=1.5
# Quality of Service (QoS) parameters
# Low priority / AC_BK = background
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
# Normal priority / AC_BE = best effort
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
# High priority / AC_VI = video
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
# Highest priority / AC_VO = voice
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0
EOF

start hostapd deamon:

hostapd -t -d -P /var/run/wlan0.pid /etc/hostapd/hostapd.conf

install dhcp server

install dhcp server package:

pacman -S dhcp

configure dhcp server:

shared-network DHCP {
       subnet 192.168.10.0 netmask 255.255.255.0 {
               range 192.168.10.100 192.168.10.10;
               option broadcast-address 192.168.10.255;
               option routers 192.168.10.1;
               option subnet-mask 255.255.255.0;
               option domain-name-servers 4.2.2.1, 4.2.2.2;
               default-lease-time 600;
               max-lease-time 7200;
 }
}

start dhcp server on wlan0 interface:

dhcpd wlan0

iptables rules

set iptables rules for sharing internet to wlan0:

cat > /usr/local/bin/sharenetwlan << EOF
#!/bin/bash
iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT
iptables -A FORWARD -d 192.168.10.0/24 -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT
echo 1 >/proc/sys/net/ipv4/conf/all/forwarding
EOF

set permissions to script:

chmod +x /usr/local/bin/sharenetwlan

execute script:

/usr/local/bin/sharenetwlan

speed test

on server machine install iperf3:

pacman -Sy iperf3 --noconfirm

start iperf3 service on server:

iperf3 -s

on client machine install iperf3:

pacman -Sy iperf3 --noconfirm

then connect to server using iperf3:

iperf3 -c 192.168.10.1 -p 5201

you should see somehing like this:

Connecting to host 192.168.10.1, port 5201
[  5] local 192.168.10.34 port 39000 connected to 192.168.10.1 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec   128 MBytes  1.08 Gbits/sec    0   1.10 MBytes       
[  5]   1.00-2.00   sec  59.2 MBytes   497 Mbits/sec    1   1.32 MBytes       
[  5]   2.00-3.00   sec  47.0 MBytes   394 Mbits/sec    1   1.11 MBytes       
[  5]   3.00-4.00   sec  46.8 MBytes   392 Mbits/sec    3    908 KBytes       
[  5]   4.00-5.00   sec  49.1 MBytes   412 Mbits/sec    2   1.06 MBytes       
[  5]   5.00-6.00   sec  41.0 MBytes   344 Mbits/sec    2    631 KBytes       
[  5]   6.00-7.00   sec  92.1 MBytes   773 Mbits/sec    0    783 KBytes       
[  5]   7.00-8.00   sec   134 MBytes  1.13 Gbits/sec    0    962 KBytes       
[  5]   8.00-9.00   sec   129 MBytes  1.08 Gbits/sec    0    962 KBytes       
[  5]   9.00-10.00  sec   132 MBytes  1.11 Gbits/sec    0    962 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   859 MBytes   721 Mbits/sec    9             sender
[  5]   0.00-10.00  sec   857 MBytes   718 Mbits/sec                  receiver

iperf Done.

references