1. Install hostapd and dnsmasq
sudo emerge hostapd
sudo emerge dnsmasq
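2. Configure hostapd: the configuration file is /etc/hostapd/hostapd.conf; if it does not exist, create it with the following contents. hostapd does not strip trailing comments (everything after "=" is taken as the value), so each comment is on its own line:
#change this to the name of your own wireless interface
interface=wlan0
#make sure this is nl80211; do not change it arbitrarily
driver=nl80211
#name of the Wi-Fi network; best to avoid Chinese characters and spaces
ssid=beyond
#g is a fairly good choice
hw_mode=g
channel=11
dtim_period=1
rts_threshold=2347
fragm_threshold=2346
macaddr_acl=0
#bit field: 1 = open system, 2 = shared key (WEP); 3 accepts both
auth_algs=3
ieee80211n=0
#bit field: 1 = WPA, 2 = WPA2; 3 enables both
wpa=3
#Wi-Fi password
wpa_passphrase=12345678
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP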
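An added example, not part of the original post: a shell check that reads a hostapd.conf and reports the settings used above that weaken the network (WPA and TKIP still enabled, shared-key authentication accepted, a short numeric passphrase), and also catches trailing "#" comments, which hostapd reads as part of the value. The function names, the finding codes and the 12-character passphrase threshold are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): flag weak settings in a hostapd.conf.

# conf_get FILE KEY: last value of KEY, with any trailing " #comment" stripped
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | sed 's/[[:space:]][[:space:]]*#.*$//' | tail -n 1
}

# audit_hostapd_conf FILE: prints one finding code per line; returns 1 if any
audit_hostapd_conf() {
    f=$1; out=""
    # hostapd keeps everything after "=", so "ssid=x #note" is not a comment
    grep -Eq '^[[:space:]]*[a-z_0-9]+=.*[[:space:]]#' "$f" && out="$out INLINE_COMMENT"
    # wpa is a bit field: 1 = WPA, 2 = WPA2 (RSN), 3 = both
    [ "$(conf_get "$f" wpa)" = 2 ] || out="$out WPA2_ONLY_NOT_SET"
    # TKIP in either pairwise list keeps the deprecated cipher negotiable
    case "$(conf_get "$f" wpa_pairwise) $(conf_get "$f" rsn_pairwise)" in
        *TKIP*) out="$out TKIP_ALLOWED" ;;
    esac
    # auth_algs bit 1 (values 2 and 3) enables WEP shared-key authentication
    case "$(conf_get "$f" auth_algs)" in
        2|3) out="$out SHARED_KEY_AUTH" ;;
    esac
    # Assumed policy of this example: 12+ characters and not digits only
    psk=$(conf_get "$f" wpa_passphrase)
    case $psk in
        "") ;;                                  # no passphrase line to judge
        *[!0-9]*) [ "${#psk}" -ge 12 ] || out="$out WEAK_PASSPHRASE" ;;
        *) out="$out WEAK_PASSPHRASE" ;;
    esac
    [ -z "$out" ] && return 0
    printf '%s\n' $out
    return 1
}

# Constructed sample: the values used above, plus one trailing comment
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
ssid=beyond #wifi name
auth_algs=3
wpa=3
wpa_passphrase=12345678
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
EOF
audit_hostapd_conf "$demo_conf" || echo "-> findings listed above"
rm -f "$demo_conf"
```

A file with wpa=2, auth_algs=1, rsn_pairwise=CCMP and a long mixed passphrase produces no findings and exit status 0.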
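4. Configure dnsmasq: the configuration file is /etc/dnsmasq.conf
interface=wlan0
bind-interfaces #listen only on wlan0; without this, all interfaces are checked
except-interface=lo
dhcp-range=192.168.1.100,192.168.1.254,12h #DHCP address range, with a lease time of 12 hours
dhcp-option=3,192.168.1.1 #gateway given to the phone; must match dhcp-range; this touches on networking ...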
5. Start the services:
sudo /etc/init.d/hostapd start
sudo /etc/init.d/dnsmasq start
6. Assign an IP address to the wireless interface:
sudo ifconfig wlan0 192.168.1.1 netmask 255.255.255.0
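7. I use NAT to share the connection between the network interfaces. The commands are as follows; enable the NAT function of iptables:
#enable packet forwarding:
echo "1" > /proc/sys/net/ipv4/ip_forward
#edit /etc/sysctl.conf so that packet forwarding is enabled automatically at boot: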
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
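Enable the NAT function of iptables:
sudo iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE #share the ppp0 connection with the wireless interface
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE #share the eth0 connection with the wireless interface
Run whichever of the two commands above matches your own setup.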
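The MASQUERADE commands above turn on address translation but leave the FORWARD chain at whatever policy it already has (ACCEPT by default). The following added example, not part of the original post, prints an iptables-restore ruleset that translates only the AP subnet and forwards only connections opened by AP clients; the function name, the default-drop policy and the default arguments (wlan0, 192.168.1.0/24, taken from the steps above) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): NAT for the AP subnet plus a
# FORWARD policy, emitted in iptables-restore format.

# ap_ruleset UPLINK [AP_IF] [AP_NET]: print the ruleset, or return 2 on bad input
ap_ruleset() {
    up=$1; ap=${2:-wlan0}; net=${3:-192.168.1.0/24}
    for i in "$up" "$ap"; do
        case $i in
            ""|*[!A-Za-z0-9._-]*) echo "bad interface name: '$i'" >&2; return 2 ;;
        esac
    done
    [ "$up" != "$ap" ] || { echo "uplink and AP interface are the same" >&2; return 2; }
    case $net in
        ""|*[!0-9./]*) echo "bad network: '$net'" >&2; return 2 ;;
    esac
    cat <<EOF
*nat
# translate only traffic that originates from the AP subnet
-A POSTROUTING -s $net -o $up -j MASQUERADE
COMMIT
*filter
# forward nothing unless a rule below allows it
:FORWARD DROP [0:0]
# AP clients may open connections towards the uplink
-A FORWARD -i $ap -o $up -s $net -j ACCEPT
# only replies to those connections may come back in
-A FORWARD -i $up -o $ap -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Demo with the interface names used above (eth0 uplink, wlan0 AP)
ap_ruleset eth0
```

Review the output before piping it to iptables-restore: without --noflush that command replaces the current contents of the nat and filter tables. The conntrack match needs the connection tracking support listed in the kernel options further down.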
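8. I wrote a service so that everything starts automatically: create a file named myAP in /etc/init.d/, make it executable, and put the following contents in it: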
#!/sbin/runscript
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
start() {
ebegin Starting myAPservice
sed -i '/\[keyfile\]/a unmanaged-devices=mac:74:2f:68:d5:45:45' /etc/NetworkManager/NetworkManager.conf
sleep 2
/etc/init.d/hostapd start
sleep 2
/etc/init.d/dnsmasq start
ifconfig wlan0 192.168.1.1 netmask 255.255.255.0
eend $?
}
stop() {
ebegin Stopping myAPservice
/etc/init.d/hostapd stop
sleep 2
/etc/init.d/dnsmasq stop
sed -i '/^unmanaged-devices=mac:74:2f:68:d5:45:45/d' /etc/NetworkManager/NetworkManager.conf
eend $?
}
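Now, to start everything, just run sudo /etc/init.d/myAP start
The problems I ran into are summarized below:
1. The NAT function of iptables cannot be enabled; running iptables -t nat fails with the error: can't initialize iptables table `nat': Table does not exist. The main cause is that the kernel has to include NAT support. The fix is as follows:
Reinstall iptables following http://wiki.gentoo.org/wiki/Iptables and rebuild the kernel with the options required there: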
[*] Networking support --->
Networking options --->
[*] TCP/IP networking
[*] IP: multicasting
[*] IP: advanced router
...
[*] IP: ARP daemon support
[*] IP: TCP syncookie support
<M> IP: AH transformation
<M> IP: ESP transformation
<M> IP: IPComp transformation
<M> IP: IPsec transport mode
<M> IP: IPsec tunnel mode
<M> IP: IPsec BEET mode
<*> Large Receive Offload (ipv4/tcp)
<*> INET: socket monitoring interface
<M> UDP: socket monitoring interface
[ ] TCP: advanced congestion control --->
...
<M> The IPv6 protocol --->
...
[*] Network packet filtering framework (Netfilter) --->
[*] Advanced netfilter configuration
Core Netfilter Configuration --->
<M> "addrtype" address type match support
<M> "comment" match support
<M> "hl" hoplimit/TTL match support
<M> "limit" match support
<M> "multiport" Multiple port match support
<M> "recent" match support
[*] Networking support --->
Networking options --->
[*] Network packet filtering framework (Netfilter) --->
--- Network packet filtering framework (Netfilter)
[ ] Network packet filtering debugging
[*] Advanced netfilter configuration
[*] Bridged IP/ARP packets filtering
Core Netfilter Configuration --->
<M> IP set support --->
<M> IP virtual server support --->
IP: Netfilter Configuration --->
IPv6: Netfilter Configuration --->
DECnet: Netfilter Configuration --->
<M> Ethernet Bridge tables (ebtables) support --->
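Next, follow https://wiki.gentoo.org/wiki/Home_Router to set the kernel options again and rebuild. These options are somewhat old and many of them have changed in current kernel versions, so the list below is only a reference.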
Networking options --->
[*] TCP/IP networking
[*] IP: advanced router
[*] Network packet filtering (replaces ipchains)
If you use 2.4.x, you have to enable the following for DHCP:
[*] Socket Filtering
IP: Netfilter Configuration --->
[*] Connection tracking (required for masq/NAT)
[x] FTP protocol support
[x] IRC protocol support
[*] IP tables support (required for filtering/masq/NAT)
[*] IP range match support
[x] MAC address match support
[*] Multiple port match support
[*] Packet filtering
[*] REJECT target support
[x] REDIRECT target support
[*] Full NAT
[*] MASQUERADE target support
[s] Packet mangling
[s] MARK target support
[x] LOG target support
QoS and/or fair queueing --->
[s] QoS and/or fair queueing
[s] HTB packet scheduler
[s] Ingress Qdisc
[a] PPP (point-to-point protocol) support
[a] PPP filtering
[a] PPP support for async serial ports
[a] PPP support for sync tty ports
[a] PPP Deflate compression
[a] PPP BSD-Compress compression
[a] PPP over Ethernet
You can also refer to http://blog.csdn.net/seven407/article/details/7667421, with the following settings:
Linux Kernel Configuration
-> Networking support
-> Networking options
-> Network packet filtering framework(netfilter)
-> Core netfilter configuration
-> Netfilter connection tracking support
-> Netbios name service protocol support(new)
-> Netfilter Xtables support (required for ip_tables)
Linux Kernel Configuration
-> Networking support
-> Networking options
-> Network packet filtering framework(netfilter)
-> IP: Netfilter Configuration
-> IPv4 connection tracking support (require for NAT)
-> IP tables support (required for filtering/masq/NAT)
-> Full NAT
-> MASQUERADE target support
-> REDIRECT target support
2. When hostapd is started, the system reports an error like the following:
nl80211: Failed to set interface wlan0 into AP mode
nl80211 driver initialization failed.
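As a result the Linux system cannot create the software wireless AP. I finally found the solution through Google, in the article at:
https://wiki.archlinux.org/index.php/Software_Access_Point#NetworkManager_is_interfering
Later I found that it is enough to set the wireless card to the "device not managed" state in NetworkManager; after that hostapd starts normally.
Use sed -i '/\[keyfile\]/a unmanaged-devices=mac:00:23:cd:10:3e:0b' /etc/NetworkManager/NetworkManager.conf;
this adds, after the [keyfile] section header in /etc/NetworkManager/NetworkManager.conf, a line reading
unmanaged-devices=mac:00:23:cd:10:3e:0b, where "00:23:cd:10:3e:0b" is the MAC address of the wireless card. The card is then no longer managed by NetworkManager, and in NetworkManager the state of the wireless network changes to "device not managed".
Use the command sed -i '/^unmanaged-devices=mac:00:23:cd:10:3e:0b/d' /etc/NetworkManager/NetworkManager.conf to delete the line unmanaged-devices=mac:00:23:cd:10:3e:0b from the file, which puts the wireless network back under the management of NetworkManager.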
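An added example, not part of the original post: the sed "a" command above inserts a new line every time it runs and changes nothing when the file has no [keyfile] section, so a service that calls it on each start can leave duplicate lines behind or silently fail to unmanage the card. The two shell functions below (their names and the temporary-file approach are this example's own) make the same edit idempotent; the demo MAC address is the one from the myAP script.

```shell
#!/bin/sh
# Added example (not from the original post): idempotent form of the two sed edits.

# nm_unmanage CONF MAC: make sure [keyfile] carries unmanaged-devices=mac:MAC once
nm_unmanage() {
    conf=$1; line="unmanaged-devices=mac:$2"
    echo "$2" | grep -Eqx '([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}' || return 2
    grep -qxF -e "$line" "$conf" && return 0      # already there: change nothing
    tmp=$(mktemp) || return 1
    if grep -qxF -e '[keyfile]' "$conf"; then
        awk -v l="$line" '{ print } $0 == "[keyfile]" { print l }' "$conf" > "$tmp"
    else                                          # no section yet: create it
        { cat "$conf"; printf '\n[keyfile]\n%s\n' "$line"; } > "$tmp"
    fi
    cat "$tmp" > "$conf"; rc=$?                   # rewrite in place: owner and mode stay
    rm -f "$tmp"; return $rc
}

# nm_manage CONF MAC: remove exactly that line again
nm_manage() {
    conf=$1; line="unmanaged-devices=mac:$2"
    tmp=$(mktemp) || return 1
    grep -vxF -e "$line" "$conf" > "$tmp" || :    # status 1 only means "no lines left"
    cat "$tmp" > "$conf"; rc=$?
    rm -f "$tmp"; return $rc
}

# Constructed sample file standing in for NetworkManager.conf
demo=$(mktemp)
printf '[main]\nplugins=keyfile\n\n[keyfile]\n' > "$demo"
nm_unmanage "$demo" 74:2f:68:d5:45:45
nm_unmanage "$demo" 74:2f:68:d5:45:45             # second start: still one line
grep -c '^unmanaged-devices=' "$demo"
nm_manage "$demo" 74:2f:68:d5:45:45
rm -f "$demo"
```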
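3. When clients use the hostapd wireless AP, the network speed is unstable, so that at certain moments web pages cannot be opened, or other network timeouts make the network unreachable. (Quoted from the 51cto article listed below.)
This problem is mainly caused by excessive wireless transmission latency, which results from too little entropy being available for the random seed used in wireless data transmission checks. You can check the actual value with the command cat /proc/sys/kernel/random/entropy_avail; the value is usually below 1000. Install the random number generator (haveged) by running yum install haveged in a terminal, and use the command systemctl enable haveged.service to start the random number generator (haveged) and raise the entropy_avail value. The wireless latency then returns to normal and the problems described above no longer occur.
References: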
http://os.51cto.com/art/201311/415573.htm
http://blog.csdn.net/seven407/article/details/7667421
http://ihacklog.com/post/use-hostapd-to-setup-wireless-access-point-under-linux.html
http://nims11.wordpress.com/2013/05/22/using-hostapd-with-dnsmasq-to-create-virtual-wifi-access-point-in-linux/
http://blog.csdn.net/lzsdc/article/details/8441859
http://www.gentoo-wiki.info/Wireless/libnl_Access_Point
http://blog.csdn.net/gilzhy/article/details/9098031
http://blog.csdn.net/q1302182594/article/details/8689603
https://wiki.archlinux.org/index.php/Software_Access_Point#NetworkManager_is_interfering