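Author: Zhang Hua  Published: 2022-03-26
Copyright notice: This article may be freely reposted, provided the repost includes a hyperlink to the original source, the author information and this copyright notice
( http://blog.csdn.net/quqi99 )
The 5 modes of a wireless NIC:
- AP/master: acts as a wireless access point
- Managed/Client: connects to the main AP as a client https://blog.csdn.net/hailangnet/article/details/118110720
- Ad-Hoc/adhoc: unlike AP mode, Ad-hoc is decentralized and peer-to-peer; if the devices are not configured in Ad-Hoc mode, communication between them has to be forwarded by the AP.
- WDS (wireless distribution system)
- Monitor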
#iwconfig wlan0 mode ap
root@OneCloud:~# iw list |grep 'Supported interface modes' -A5
Supported interface modes:
* IBSS
* managed
* AP
* P2P-client
* P2P-GO
root@OneCloud:~# ethtool -i wlan0|grep driver
driver: rtl8188eu
enable ad-hoc
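There are two modes, NAT and bridge:
- NAT: br0 is not used; the IP is set directly on wlan0 and NAT must then be configured, so wlan0 has its own subnet. This is the mode used here - https://blog.csdn.net/cupidove/article/details/38845049
- Bridge: br0 is used, with both eth0 and wlan0 added to br0. In this mode the whole armbian box acts as an extension AP of the main router (addresses are assigned by the main router) - https://www.cnblogs.com/wxfy/p/10879858.html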
cat << EOF | tee /etc/network/interfaces.d/wlan0
allow-hotplug wlan0
iface wlan0 inet static
address 192.168.98.1
netmask 255.255.255.0
network 192.168.98.0
broadcast 192.168.98.255
gateway 192.168.99.1
dns-nameservers 192.168.99.1
#wireless-essid armbianAP
#wireless-mode ad-hoc
#wireless-channel 11
EOF
ifdown wlan0 && ifup wlan0
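Here wireless-essid and similar parameters are not set in /etc/network/interfaces.d/wlan0; they are set in /etc/hostapd.conf instead. The following items were added on top of the defaults; the most important point is to comment out bridge=br0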
cat << EOF | tee /etc/hostapd.conf
interface=wlan0
driver=nl80211
ssid=armbianAP
channel=6
hw_mode=g
ignore_broadcast_ssid=0
auth_algs=1
wpa=3
wpa_passphrase=password
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
#bridge=br0
EOF
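The hostapd.conf above enables mixed WPA/WPA2 (wpa=3), a TKIP pairwise cipher and the passphrase "password". As an added example (not part of the original post), this POSIX sh function audits hostapd settings for those three weaknesses; the function names, the MIN_PSK_LEN threshold of 16 and the short list of guessable passphrases are assumptions of this example.

```shell
# Added example: audit hostapd settings read from stdin (POSIX sh).
# Prints one "WEAK:" line per finding; exit status is 1 if anything was flagged.
MIN_PSK_LEN=16   # assumption: local policy threshold, not a hostapd limit

# Last uncommented value of KEY ($1) in the config text ($2).
conf_get() {
    printf '%s\n' "$2" | sed -n "s/^[[:space:]]*$1=//p" | tail -n 1
}

audit_hostapd() {
    conf=$(cat)
    rc=0
    wpa=$(conf_get wpa "$conf")
    psk=$(conf_get wpa_passphrase "$conf")
    ciphers="$(conf_get wpa_pairwise "$conf") $(conf_get rsn_pairwise "$conf")"

    # wpa is a bit field: 1 = WPA, 2 = WPA2 (RSN), 3 = both.
    case "$wpa" in
        2) ;;
        1|3) echo "WEAK: wpa=$wpa offers legacy WPA, use wpa=2"; rc=1 ;;
        *)   echo "WEAK: wpa is unset or 0, no WPA protection"; rc=1 ;;
    esac

    # TKIP is deprecated; flag it in either pairwise list (conservative check).
    case "$ciphers" in
        *TKIP*) echo "WEAK: TKIP pairwise cipher enabled, use CCMP only"; rc=1 ;;
    esac

    # A PSK network is only as strong as its passphrase: flag common or short ones.
    case "$psk" in
        password|12345678) echo "WEAK: wpa_passphrase is a guessable default"; rc=1 ;;
        *) [ "${#psk}" -ge "$MIN_PSK_LEN" ] ||
               { echo "WEAK: wpa_passphrase shorter than $MIN_PSK_LEN characters"; rc=1; } ;;
    esac
    return $rc
}

# Constructed sample: the WPA-related lines from the hostapd.conf above.
sample_conf() {
    cat <<'EOF'
wpa=3
wpa_passphrase=password
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
EOF
}

sample_conf | audit_hostapd || true
```

To audit the live file, run `audit_hostapd < /etc/hostapd.conf`; a configuration with wpa=2, rsn_pairwise=CCMP and a long random passphrase produces no output.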
dhcp
Or configure it with the following parameters:
cat << EOF | tee /etc/dnsmasq.conf
interface=wlan0
listen-address=192.168.98.1
dhcp-range=192.168.98.2,192.168.98.100,120h
dhcp-option=6,192.168.98.1
EOF
systemctl enable dnsmasq && systemctl start dnsmasq
Or disable the dnsmasq service and configure it manually:
systemctl disable dnsmasq && systemctl stop dnsmasq
vim /etc/rc.local
dnsmasq -i wlan0 --dhcp-range=192.168.98.100,192.168.98.109,480h 2>&1 &
router
cat << EOF | tee -a /etc/sysctl.conf
net.ipv4.ip_forward = 1
EOF
sysctl -p
iptables -A FORWARD -i wlan0 -o eth0 -s 192.168.98.0/24 -m state --state NEW -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
apt install iptables-persistent -y
dpkg-reconfigure iptables-persistent
systemctl enable netfilter-persistent
dns [optional]
Configuring dhcp alone is enough; dns does not necessarily need to be configured, because the dns entry is already set in /etc/network/interfaces.d/wlan0
cat << EOF | tee /etc/resolvconf/resolv.conf.d/head
nameserver 192.168.99.1
EOF
systemctl disable systemd-resolved && systemctl stop systemd-resolved
rm -rf /etc/resolv.conf && ln -s /etc/resolvconf/run/resolv.conf /etc/resolv.conf
systemctl restart resolvconf
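Problem
It could connect, but it was unstable and kept reporting that there was no network. That was because I had previously used this, copied from the web: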
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
when it should be:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
20250326 - A strange init process listening on port 53
I always see a strange init process listening on port 53:
# sudo netstat -tulpn | grep :53
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 1/init
udp 0 0 0.0.0.0:53 0.0.0.0:* 1/init
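It turned out dnscrypt-proxy.socket was the culprit - systemctl stop dnscrypt-proxy.socket
20250326 - dnsmasq on armbian
On armbian, dnsmasq is started via (/etc/init.d/dnsmasq systemd-exec), whereas on x86 debian/ubuntu dnsmasq is started via systemd-helper. The former does not use /etc/dnsmasq.conf, so none of the configuration I put in /etc/dnsmasq.conf took effect. I therefore ended up changing the dnsmasq configuration on armbian to the following (also, on armbian, adding conf-dir=/etc/dnsmasq.d/ always timed out even with TimeoutStartSec=300s; is that because I put too many things in dnsmasq.d?):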
# cat /lib/systemd/system/dnsmasq.service
[Unit]
Description=Custom Dnsmasq Service
After=network.target
[Service]
Type=forking
ExecStart=/usr/sbin/dnsmasq --conf-file=/etc/dnsmasq.conf
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
User=root
Group=root
TimeoutStartSec=300s
[Install]
WantedBy=multi-user.target
# cat /etc/dnsmasq.conf
listen-address=192.168.99.171
#listen-address=::
# NOTE : I HAVE FOUND THE REASON, that's because dnsmasq didn't use the file /etc/dnsmasq.conf
#above listen-address doesn't work with tcp mode
#and the following interface can't work sometimes as well, so finally we modify the dnsmasq in gw to use 192.168.99.171 directly
#interface=eth0
#log-queries
#log-facility=/var/log/dnsmasq.log
#conf-dir=/etc/dnsmasq.d/
no-hosts
#hostsdir=/etc/hosts
bogus-nxdomain=119.29.29.29
#cache-size=10000
cache-size=0
min-cache-ttl=360000
max-cache-ttl=360000
port=53
#server=223.5.5.5
server=100.97.210.118