How to setup a wireless access point: Difference between revisions

From Alpine Linux
m (Update hostapd.conf section)
m (Added See also: Wireless AP with udhcpd and NAT)
(7 intermediate revisions by 5 users not shown)
Line 1: Line 1:
{{Draft}}
{{Draft}}
This page will show a step by step guide to setting up Alpine Linux as a secure wireless access point.  Basic steps are to:
# Install needed packages
# Insure your wireless card is detected and in master/ap mode
# Setup bridge between eth0 and wlan0
# Setup encryption on wlan0
# Setup hostapd
# Associate clients!


== Install needed packages ==
== Install needed packages ==
apk add hostapd wireless-tools wpa_supplicant
{{Cmd|apk add bridge hostapd wireless-tools wpa_supplicant}}


== Check that card is detected ==
== Check that card is detected ==
Simplest way is to check /proc/net/dev and see which are detected there. If not, check what driver the card uses, modprobe it. Last, check that card is in master mode, which is different for each card (hint: google is your friend here)
Cat /proc/net/dev and see which cards are detected.
If no cards are available, check what driver the card uses and modprobe it.
Check that the card is in master mode.


== Setup Bridge ==
== Setup Bridge ==
{{:Setting Up a bridge}}
Setup the bridge by editing <samp>/etc/network/interfaces</samp>. Assuming that you wish to bridge the access point to the ethernet device <samp>eth0</samp>, you can add something like this:
<pre>
auto br0
iface br0 inet dhcp
  hostname alpine
  bridge-ports eth0
</pre>
Comment out any existing lines configuring <samp>eth0</samp> as this should now be handled via the bridge configuration. It is not necessary to mention <samp>wlan0</samp> here, as <samp>hostapd</samp> will take care of adding the device to the bridge later.
 
Please see [[Bridge]] for more information on network bridges.


== Setup Encryption ==
== Setup Encryption ==
Edit /etc/hostapd/hostapd.wpa_psk and insert the following, replacing PASSPHRASE with the WPA_PSK key you would like to use (remove keys that you don't want to use):
Edit /etc/hostapd/hostapd.wpa_psk and insert the following, replacing PASSPHRASE with the WPA_PSK key you would like to use (remove keys that you don't want to use):
00:00:00:00:00:00 PASSPHRASE
00:00:00:00:00:00 PASSPHRASE


== Setup hostapd ==
== Setup hostapd ==
Line 46: Line 50:
  wpa_key_mgmt=WPA-PSK
  wpa_key_mgmt=WPA-PSK
  wpa_pairwise=CCMP
  wpa_pairwise=CCMP
If you wish to use MAC address filtering, uncomment the above 2 lines, create /etc/hostapd/accept (with 600 permissions) and add the allowed clients' MAC address to the file.<br />
If you wish to use MAC address filtering, uncomment the lines starting with macaddr_acl and accept_mac_file, create /etc/hostapd/accept (with 600 permissions) and add the allowed clients' MAC address to the file.<br />
 
Start hostapd.
Start hostapd.
/etc/init.d/hostapd start
 
{{Cmd|/etc/init.d/hostapd start}}


== Associate clients ==
== Associate clients ==
Depending on the client OS software, either just associate the client, or once again see google :).
Associate a few different clients to test.
 
== See also ==
* [[Wireless AP with udhcpd and NAT]]
 
[[Category:Networking]]

Revision as of 23:54, 18 September 2017

This material is work-in-progress ...

Do not follow instructions here until this notice is removed.
(Last edited by John3-16 on 18 Sep 2017.)

Install needed packages

apk add bridge hostapd wireless-tools wpa_supplicant

Check that card is detected

Cat /proc/net/dev and see which cards are detected. If no cards are available, check what driver the card uses and modprobe it. Check that the card is in master mode.

Setup Bridge

Setup the bridge by editing /etc/network/interfaces. Assuming that you wish to bridge the access point to the ethernet device eth0, you can add something like this: 

auto br0
iface br0 inet dhcp
  hostname alpine
  bridge-ports eth0

Comment out any existing lines configuring eth0 as this should now be handled via the bridge configuration. It is not necessary to mention wlan0 here, as hostapd will take care of adding the device to the bridge later.

Please see Bridge for more information on network bridges.

Setup Encryption

Edit /etc/hostapd/hostapd.wpa_psk and insert the following, replacing PASSPHRASE with the WPA_PSK key you would like to use (remove keys that you don't want to use): 

00:00:00:00:00:00 PASSPHRASE

Setup hostapd

Edit /etc/hostapd/hostapd.conf and replace entries that need to be such as interface, bridge, driver, ssid, etc. Example file below: 

interface=wlan0
bridge=br0
driver=hostap
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=0
dump_file=/tmp/hostapd.dump
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
ssid=SecureSSID
#macaddr_acl=1
#accept_mac_file=/etc/hostapd/accept
auth_algs=3
eapol_key_index_workaround=0
eap_server=0
wpa=3
wpa_psk_file=/etc/hostapd/hostapd.wpa_psk
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP

If you wish to use MAC address filtering, uncomment the lines starting with macaddr_acl and accept_mac_file, create /etc/hostapd/accept (with 600 permissions) and add the allowed clients' MAC address to the file.

Start hostapd.

/etc/init.d/hostapd start

Associate clients

Associate a few different clients to test.

See also

Retrieved from "https://wiki.alpinelinux.org/w/index.php?title=How_to_setup_a_wireless_access_point&oldid=13844"