Monday, May 24, 2010

Quick n' Dirty Linux WPA-PSK Wireless AP

On saturday evening, there was a party at home. One of the guests poured her glass of champagne on the ADSL modem lended by my ISP. Undoubtly it wasn't champagne-proof. I have about a week to wait before getting a new one. Fortunately I have my 3G connection but only one person can use it at a given time... and we are two at home. So I have created a very quick and dirty access-point to share my 3G connection. This post has two purpose: record how I did it and show how it eventually turned out to be really easy. Ironically, it was more difficult to configure a new wireless connection on Windows XP than creating the AP.

I am assuming you are running mac80211 wireless stack, which is standard from recent kernels 2.6.30+). You will need hostapd and ISC's DHCPd.

First set up your wireless interface as you would with any other wired interface:

# ifconfig wlan0 inet 192.168.10.1 netmask 0xffffff00 up


Next, configure /etc/hostapd/hostapd.conf:

driver=nl80211
interface=wlan0
channel=13
ssid=3g2wifi
auth_algs=1
wpa=1
wpa_passphrase=XXXXXXXX


And run it:

# hostapd /etc/hostapd/hostapd.conf


From now on, you can configure a smartphone or another computer with this wireless network and see DHCP traffic when using tcpdump -ni wlan0. You may enable debugging with hostapd's -d flag if it doesn't work.

Next step is to provide connectivity to the Internet through 3G (interface ppp0). We have to masquerade the computers behind the access-point (I assume there are no filtering rules):

# iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o ppp0 -j MASQUERADE
# sysctl net.ipv4.conf.all.forwarding=1


Here you can manually configure the IPv4 layer on another computer, setting the DNS servers to the ones provided by you 3G provider, and it should work.

But the sugar on the cake would be to have a DHCP server, to minimize manual configuration. This is straightforward. Here is my /etc/dhcp3/dhcpd.conf (note that I used Google's open DNS resolvers for example purpose):

subnet 192.168.10.0 netmask 255.255.255.0 {
range 192.168.10.20 192.168.10.30;
option routers 192.168.10.1;
option domain-name-servers 4.4.4.4, 4.4.8.8;
}


Start the DHCP server:

# dhcpd3 -cf /etc/dhcp3/dhcpd.conf wlan0


And voila! Now good luck if you have to configure a Windows 7 computer to use this connection :).

No comments: